package com.ajaxjs.security;

import com.ajaxjs.mvc.ModelAndView;
import com.ajaxjs.mvc.controller.MvcOutput;
import com.ajaxjs.mvc.controller.MvcRequest;
import com.ajaxjs.mvc.filter.FilterAction;
import com.ajaxjs.util.CommonUtil;
import java.lang.reflect.Method;

/* loaded from: input_file:com/ajaxjs/security/RefererFilter.class */
public class RefererFilter implements FilterAction {
    @Override // com.ajaxjs.mvc.filter.FilterAction
    public boolean before(ModelAndView modelAndView, MvcRequest mvcRequest, MvcOutput mvcOutput, Method method, Object[] objArr) {
        String header = mvcRequest.getHeader("referer");
        if (CommonUtil.isEmptyString(header)) {
            throw new SecurityException("请求没有 referer 字段不通过");
        }
        return header.startsWith(mvcRequest.getServerName());
    }

    @Override // com.ajaxjs.mvc.filter.FilterAction
    public void after(ModelAndView modelAndView, MvcRequest mvcRequest, MvcOutput mvcOutput, Method method, boolean z) {
    }
}
