import java.io.*;
import java.net.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class ExportRestriction extends HttpServlet {
public void doGet(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
res.setContentType("text/html");
PrintWriter out = res.getWriter();
// ...Some introductory HTML...
// Get the client's hostname
String remoteHost = req.getRemoteHost();
// See if the client is allowed
if (! isHostAllowed(remoteHost)) {
out.println("Access <BLINK>denied</BLINK>"); // filter out the blink!
}
else {
out.println("Access granted");
// Display download links, etc...
}
}
// We assume hosts ending with .com, .edu, .net, .org,
// .gov, .mil, .us, and .ca are legal even though this is an
// over-simplification now that .com, .net, and .org have
// become global top-level domains. We also assume
// clients without a domain name are local and that
// local is allowed. (After all, if local isn't allowed
// you would have to be outside the U.S. and Canada -- so
// why would you be using this servlet?)
private boolean isHostAllowed(String host) {
return (host.endsWith(".com") ||
host.endsWith(".edu") ||
host.endsWith(".net") ||
host.endsWith(".org") ||
host.endsWith(".gov") ||
host.endsWith(".mil") ||
host.endsWith(".us") ||
host.endsWith(".ca") ||
(host.indexOf('.') == -1)); // no domain, assume OK
}
}
|