***DO NOT COPY FROM CHEGG PLEASE!!!!! READ WELL THE INSTRUCTIONS

6 (10 points). Rewrite the serveFile() method such that it imposes a maximum file size limit. If a user attempts to download a file that is larger than the maximum allowed size, write a log entry to a file called error_log and return a 403 Forbidden HTTP response code.

a (5 points). What happens if an attacker tries to download /dev/random after you have made your modification?

b (5 points). What might be some alternative ways in which to implement the maximum file size limit?

85 public void serveFile (OutputStreamWriter osw, 86 String pathname) throws Exception { 87 FileReader fr = null; 88 int c = -1; 89 StringBuffer sb = new StringBuffer(); 90 91 /* Remove the initial slash at the beginning 92 of the pathname in the request. */ 93 if (pathname.charAt(0) == '/') 94 pathname = pathname.substring(1); 95 96 /* If there was no filename specified by the 97 client, serve the "index.html" file. */ 98 if (pathname.equals("")) 99 pathname = "index.html"; 100 101 /* Try to open file specified by pathname. */ 102 try { 103 fr = new FileReader (pathname); 104 c = fr.read(); 105 } 106 catch (Exception e) { 107 /* If the file is not found, return the 108 appropriate HTTP response code. */ 109 osw.write ("HTTP/1.0 404 Not Found "); 110 return; 111 } 112 113 /* If the requested file can be successfully opened 114 and read, then return an OK response code and 115 send the contents of the file. */ 116 osw.write ("HTTP/1.0 200 OK "); 117 while (c != -1) { 42 CHAPTER 2 n SECURE SYSTEMS DESIGN 118 sb.append((char)c); 119 c = fr.read(); 120 } 121 osw.write (sb.toString()); 122 }