/* * Copyright (c) 1998 Purple Technology, Inc. All Rights Reserved. * * This software is the confidential and proprietary information of * Purple Technology, Inc. ("Confidential Information"). You shall * not disclose such Confidential Information and shall use it only in * accordance with the terms of the license agreement you entered into * with Purple Technology. * * PURPLE TECHNOLOGY MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE * SUITABILITY OF THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING * BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. PURPLE * TECHNOLOGY SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES SUFFERED * BY LICENSEE ARISING IN ANY WAY AS A RESULT OF USING, MODIFYING OR * DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES. * * Contact: alexc@purpletech.com (Alex Chaffee) */ package com.purpletech.servlets; import java.io.*; import javax.servlet.*; import javax.servlet.http.*; /** * This servlet detects whether the client accepts cookies. It acts as * a gateway, eventually sending the user to one of two URLs. One URL * results when the user has accepted the cookie; another results * either if the user rejected the cookie, or if the user's browser * does not support cookies. The intention is to use the "no-cookie" * page as a message to the user saying "this site requires cookies -- * pretty please accept my cookies or the site won't work right." * *

* The sequence of events is:

User invokes servlet *
Servlet drops a cookie on the client *
Servlet sends a redirect, pointing the user back to itself, with a flag saying "this is the test phase" *
The test phase detects whether
- The client accepted the cookie *
- The client rejected the cookie (or the browser doesn't support cookies) *
*
Servlet sends another redirect to the destination page *

* *

Use the urlCookies and urlNoCookies * init parameters to specify the destination pages for clients that * accept and rejct cookies, respectively.

* *

(It would be nice if all implementations of Session Tracking * used a similar technique. As it is, some servlet engines seem to * just check whether the browser can potentially * support cookies, not whether a particular user has disabled cookies * for this session or site.) *

* *

Download the source

* **/ public class CookieDetector extends HttpServlet { String probeName = "CookieDetector.probe"; public void doGet(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { log("doGet"); Cookie cookie; int port = req.getServerPort(); String self = req.getScheme() + "://" + req.getServerName() + (port == 80 ? "" : ":"+port) + req.getServletPath(); log("self = " + self); String phase = req.getParameter("phase"); log("phase = " + phase); if (phase == null) { cookie = new Cookie(probeName, req.getServletPath()); cookie.setComment("Will this get dropped?"); cookie.setMaxAge(-1); // cookie.setPath(req.getServletPath()); res.addCookie(cookie); res.sendRedirect( self + "?phase=check" ); } else if (phase.equals("check")) { Cookie[] cookies = req.getCookies(); boolean hasCookies = false; if (cookies != null) { for (int i = 0; i < cookies.length; i++) { log("cookie " + cookies[i].getName() + "=" + cookies[i].getValue()); if (cookies [i].getName ().equals (probeName)) { if (cookies[i].getValue().equals(req.getServletPath())) { hasCookies = true; break; } } } } String where; String message = ""; if (hasCookies) { where = getInitParameter("urlCookies"); if (where == null || where.equals("")) { where = null; message = "Client allows cookies"; } } else { where = getInitParameter("urlNoCookies"); if (where == null || where.equals("")) { where = null; message = "Client does not allow cookies"; } } if (where == null) { res.setContentType("text/plain"); res.getWriter().println(message); } else { res.sendRedirect(where); } } } }