package io.confluent.controlcenter.rest;

import com.github.zafarkhaja.semver.Version;
import com.google.inject.Inject;
import io.confluent.controlcenter.ControlCenterConfig;
import io.confluent.controlcenter.healthcheck.HealthCheckModule;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:io/confluent/controlcenter/rest/CustomHeaderFilter.class */
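/**
 * Servlet filter that stamps a fixed set of response headers on every HTTP response
 * before handing the request to the rest of the filter chain.
 *
 * <p>Headers written by this filter:
 * <ul>
 *   <li>{@code X-Confluent-Control-Center-Version}: the injected {@link Version}.</li>
 *   <li>{@code X-Confluent-Control-Session}: the injected session id.</li>
 *   <li>{@code Strict-Transport-Security}: only when the HSTS config flag is true.</li>
 *   <li>{@code Cache-Control: no-store}: unless the configured REST response headers
 *       already mention {@code Cache-Control}.</li>
 *   <li>{@code X-Frame-Options: SAMEORIGIN}: always.</li>
 * </ul>
 *
 * <p>All headers are set before {@code filterChain.doFilter} runs, so anything later in
 * the chain can still overwrite them while the response is uncommitted.
 */
public class CustomHeaderFilter implements Filter {
    // NOTE(review): this header is sent on every response, including any endpoint that
    // is reachable without authentication, so it tells every client the exact product
    // version. Confirm that disclosure is intended for this deployment.
    static final String X_CONFLUENT_CONTROL_CENTER_VERSION_HEADER = "X-Confluent-Control-Center-Version";
    // NOTE(review): the value comes from @HealthCheckModule.SessionId; confirm it is a
    // non-secret instance identifier and not something a client could replay.
    static final String X_CONFLUENT_CONTROL_CENTER_SESSION_HEADER = "X-Confluent-Control-Session";
    static final String STRICT_TRANSPORT_SECURITY_HEADER = "Strict-Transport-Security";
    // One year, in seconds. No includeSubDomains directive, so sub-domains of the host
    // are not covered by this policy.
    static final String STRICT_TRANSPORT_SECURITY_VALUE = "max-age=31536000";
    static final String CACHE_CONTROL_HEADER = "Cache-Control";
    static final String CACHE_CONTROL_VALUE = "no-store";
    static final String X_FRAME_OPTIONS = "X-Frame-Options";
    // Allows framing by same-origin pages only (clickjacking defence).
    static final String X_FRAME_OPTIONS_VALUE = "SAMEORIGIN";

    private final ControlCenterConfig controlCenterConfig;
    private final Version version;
    private final String sessionId;

    /**
     * Creates the filter with its injected collaborators.
     *
     * @param controlCenterConfig configuration consulted on every request for the HSTS
     *     flag and the configured REST response headers
     * @param version value reported in the version header
     * @param str session id reported in the session header
     */
    @Inject
    public CustomHeaderFilter(ControlCenterConfig controlCenterConfig, Version version, @HealthCheckModule.SessionId String str) {
        this.controlCenterConfig = controlCenterConfig;
        this.version = version;
        this.sessionId = str;
    }

    /** No initialisation is required. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Adds the headers to HTTP responses, then continues the chain.
     *
     * <p>A response that is not an {@link HttpServletResponse} is passed through
     * untouched instead of failing on the downcast.
     *
     * @param servletRequest the incoming request, forwarded unchanged
     * @param servletResponse the response to decorate
     * @param filterChain the remainder of the chain
     * @throws IOException propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletResponse instanceof HttpServletResponse) {
            applyHeaders((HttpServletResponse) servletResponse);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /** Writes the version, session and security headers onto {@code response}. */
    private void applyHeaders(HttpServletResponse response) {
        response.setHeader(X_CONFLUENT_CONTROL_CENTER_VERSION_HEADER, this.version.toString());
        response.setHeader(X_CONFLUENT_CONTROL_CENTER_SESSION_HEADER, this.sessionId);

        // HSTS is opt-in through configuration. Browsers honour the header only when it
        // arrives over HTTPS, so it has no effect on a plain-HTTP listener.
        if (this.controlCenterConfig.getBoolean(ControlCenterConfig.CONTROL_CENTER_HSTS_ENABLE).booleanValue()) {
            response.setHeader(STRICT_TRANSPORT_SECURITY_HEADER, STRICT_TRANSPORT_SECURITY_VALUE);
        }

        // Default to no-store unless the operator configured Cache-Control themselves.
        // NOTE(review): this is a case-sensitive substring match on the raw config
        // string. HTTP header names are case-insensitive, so a lower-case spelling in
        // the config would not suppress the default here; it also assumes getString
        // never returns null - confirm against ControlCenterConfig.
        if (!this.controlCenterConfig.getString(ControlCenterConfig.CONTROL_CENTER_REST_RESPONSE_HEADERS).contains(CACHE_CONTROL_HEADER)) {
            response.setHeader(CACHE_CONTROL_HEADER, CACHE_CONTROL_VALUE);
        }

        response.setHeader(X_FRAME_OPTIONS, X_FRAME_OPTIONS_VALUE);
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }
}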
