package org.apache.ambari.server.security;

import com.google.inject.Singleton;
import javax.servlet.ServletRequest;
import org.apache.ambari.server.configuration.Configuration;

@Singleton
/* loaded from: input_file:org/apache/ambari/server/security/AmbariServerSecurityHeaderFilter.class */
public class AmbariServerSecurityHeaderFilter extends AbstractSecurityHeaderFilter {
    @Override // org.apache.ambari.server.security.AbstractSecurityHeaderFilter
    protected boolean checkPrerequisites(ServletRequest servletRequest) {
        boolean z = false;
        if (null == servletRequest.getAttribute("deny.header.overrides.flag")) {
            z = true;
        } else {
            servletRequest.removeAttribute("deny.header.overrides.flag");
        }
        return z;
    }

    @Override // org.apache.ambari.server.security.AbstractSecurityHeaderFilter
    protected void processConfig(Configuration configuration) {
        setSslEnabled(configuration.getApiSSLAuthentication());
        setStrictTransportSecurity(configuration.getStrictTransportSecurityHTTPResponseHeader());
        setxFrameOptionsHeader(configuration.getXFrameOptionsHTTPResponseHeader());
        setxXSSProtectionHeader(configuration.getXXSSProtectionHTTPResponseHeader());
        setXContentTypeHeader(configuration.getXContentTypeHTTPResponseHeader());
        setCacheControlHeader(configuration.getCacheControlHTTPResponseHeader());
        setPragmaHeader(configuration.getPragmaHTTPResponseHeader());
        setCharset(configuration.getCharsetHTTPResponseHeader());
    }
}
