To obtain the client IP address in my ASP.NET application I've used the X-Forwarded-For header, and get the first IP address from the list (according to the information I've found, there is a client, proxy1, proxy2...). But I've heard recently that it is better to get this information from the X-Forwarded-IP header because the client IP address in X-Forwarded-For can be modified by a proxy. What is the difference, and which address should I use?

X-Forwarded-For is the conventional way of identifying the originating IP address of the user connecting to the web server coming from either an HTTP proxy or a load balancer.

X-Forwarded-IP is the conventional way of identifying the originating IP address of the user connecting to the email server through an HTTP mail service.

X-Forwarded-For is a non-standard header, introduced originally by Squid. It is a proxy-specific header that helps a server identify the original requestor of a call that did pass through the proxy - so obviously any proxy on the request path should/will modify X-Forwarded-For. Without a proxy on the request path, this header shouldn't even be in the request.
Because this header is non-standard, there is no guarantee you'll get it, and the way it is handled can differ depending on the proxy implementation. You have no guarantee either that it will contain a proper IP.
Since 2014, the IETF has approved a standard header definition for proxies, called "Forwarded", documented here https://tools.ietf.org/html/rfc7239 that should be used instead of X-Forwarded headers. This is the one you should use reliably to get the originating IP in case your request is handled by a proxy.
In general, the proxy headers (Forwarded or X-Forwarded-For) are the right way to get your client IP only when you are sure they come to you via a proxy. If there is no proxy header or no usable value in it, you should default to the REMOTE_ADDR server variable.
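
One way to apply the fallback rule from the answer above in an ASP.NET application, as an added example that is not code from the original answers: X-Forwarded-For is honoured only when REMOTE_ADDR is a proxy you operate, and the list is read from the right so that a client-supplied leftmost entry is not taken at face value. The `ClientIpResolver` class, the `TrustedProxies` set and all addresses are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;

public static class ClientIpResolver
{
    // Assumption: the reverse proxies / load balancers you operate (constructed values).
    private static readonly HashSet<IPAddress> TrustedProxies = new HashSet<IPAddress>
    {
        IPAddress.Parse("10.0.0.5"),
        IPAddress.Parse("10.0.0.6"),
    };

    // remoteAddr:   REMOTE_ADDR, the address of the TCP peer (set by the server).
    // forwardedFor: raw X-Forwarded-For header value, or null when absent.
    public static IPAddress Resolve(string remoteAddr, string forwardedFor)
    {
        IPAddress peer = IPAddress.Parse(remoteAddr);

        // The header only means something when the peer is one of our proxies;
        // otherwise the sender wrote it and REMOTE_ADDR is all we can rely on.
        if (string.IsNullOrWhiteSpace(forwardedFor) || !TrustedProxies.Contains(peer))
            return peer;

        // Each proxy appends the address it received the request from, so read
        // from the right and stop at the first hop that is not a trusted proxy.
        IPAddress candidate = peer;
        string[] hops = forwardedFor.Split(',');
        for (int i = hops.Length - 1; i >= 0; i--)
        {
            if (!IPAddress.TryParse(hops[i].Trim(), out IPAddress hop))
                break;                      // not a proper IP: keep the last verified address
            candidate = hop;
            if (!TrustedProxies.Contains(hop))
                break;                      // first address not written by our own proxies
        }
        return candidate;
    }

    public static void Main()
    {
        // Constructed requests: (REMOTE_ADDR, X-Forwarded-For)
        Console.WriteLine(Resolve("10.0.0.5", "203.0.113.7, 198.51.100.23")); // leftmost entry is client-supplied
        Console.WriteLine(Resolve("10.0.0.5", "198.51.100.23, 10.0.0.6"));    // two trusted hops
        Console.WriteLine(Resolve("198.51.100.23", "203.0.113.7"));           // direct connection, header ignored
        Console.WriteLine(Resolve("10.0.0.5", "not-an-ip"));                  // unusable value, falls back
    }
}
```

In an ASP.NET handler the two arguments would come from the REMOTE_ADDR server variable and the request's X-Forwarded-For header.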