package com.esen.eweb.action;

import com.esen.util.ExceptionHandler;
import com.esen.util.StrFunc;
import com.esen.util.security.SecurityFunc;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@RequestMapping({"/eweb/titlepage"})
@Controller
/* loaded from: input_file:com/esen/eweb/action/ActionTitlePage.class */
public class ActionTitlePage {
    @RequestMapping
    public String toTitlePage(HttpServletRequest httpServletRequest) {
        String checkSemicolon = SecurityFunc.checkSemicolon(httpServletRequest.getParameter("title"));
        String checkXSSParam = SecurityFunc.checkXSSParam(httpServletRequest.getParameter("url"));
        SecurityFunc.checkSemicolon(checkXSSParam);
        if (checkXSSParam.indexOf("../../") != -1) {
            ExceptionHandler.throwRuntimeException("com.esen.eweb.action.actiontitlepage.urlillegal", "参数“{0}”含有非法字符", new Object[]{checkXSSParam});
        }
        httpServletRequest.setAttribute("title", SecurityFunc.checkXSSParam(StrFunc.unescape(checkSemicolon)));
        httpServletRequest.setAttribute("url", StrFunc.unescape(checkXSSParam));
        return "eweb/templet/titlepage";
    }
}
