This operation is shown in
Section 5.2 (Example: A Reporting Filter) and is not repeated here.
Listing 5.14 shows a very simple page that contains little but a link to the daily special
servlet. When that page is hosted on a normal site (Figure 5??“3), the link results in
the expected output (Figure 5??“4). However, when the page that contains the link is
hosted on a banned site (Figure 5??“5), the link results only in a warning page (Figure
5??“6)??”access to the real servlet is blocked.
5.8 Example: A Prohibited-Site Filter 229
Figure 5??“3 A page that links to the
daily special servlet. This version is
hosted on the desktop development
server.
Figure 5??“4 You can successfully
follow the link from the page of
Figure 5??“3. The BannedAccess-
Filter does not prohibit access
from localhost.
Figure 5??“5 A page that links to the
daily special servlet. This version is
hosted on www.tbiq.com.
Chapter 5 ?– Servlet and JSP Filters 230
Listing 5.12 BannedAccessFilter.java
package coreservlets.filters;
import java.io.*;
import java.net.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
/** Filter that refuses access to anyone connecting directly
* from or following a link from a banned site.
*/
public class BannedAccessFilter implements Filter {
private HashSet
bannedSiteTable;
/** Deny access if the request comes from a banned site
* or is referred here by a banned site.
Pages:
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281