package org.sonatype.nexus.web.internal;

import javax.inject.Named;
import javax.inject.Singleton;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.web.servlet.AdviceFilter;

@Singleton
@Named
/* loaded from: input_file:WEB-INF/lib/nexus-core-2.14.16-01.jar:org/sonatype/nexus/web/internal/CookieFilter.class */
public class CookieFilter extends AdviceFilter {
    private static final String SECURE_FLAG = "; Secure";

    @Override // org.apache.shiro.web.servlet.AdviceFilter
    protected boolean preHandle(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        filterCookies(servletRequest, servletResponse);
        return true;
    }

    protected void filterCookies(ServletRequest servletRequest, ServletResponse servletResponse) {
        if (servletRequest.isSecure() && (servletResponse instanceof HttpServletResponse)) {
            secureCookies((HttpServletResponse) servletResponse);
        }
    }

    private void secureCookies(HttpServletResponse httpServletResponse) {
        boolean z = false;
        for (String str : httpServletResponse.getHeaders("Set-Cookie")) {
            String str2 = str.lastIndexOf(SECURE_FLAG) == -1 ? str + SECURE_FLAG : str;
            if (z) {
                httpServletResponse.addHeader("Set-Cookie", str2);
            } else {
                httpServletResponse.setHeader("Set-Cookie", str2);
            }
            z = true;
        }
    }
}
