LAN IP地址的JavaScript检测 [英] JavaScript detection of LAN IP address

问题描述

我一直在使用以下代码来检测运行某些专有软件的客户端的LAN IP地址(请不要我不应该这样做"，我没有编写代码).

I have been using the following code to detect the LAN IP address of a client running some proprietary software (please no "you shouldn't do this", I didn't write the code).

function ip_local()
{
 var ip = false;
 window.RTCPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection || false;

 if (window.RTCPeerConnection)
 {
  ip = [];
  var pc = new RTCPeerConnection({iceServers:[]}), noop = function(){};
  pc.createDataChannel('');
  pc.createOffer(pc.setLocalDescription.bind(pc), noop);

  pc.onicecandidate = function(event)
  {
   if (event && event.candidate && event.candidate.candidate)
   {
    var s = event.candidate.candidate.split('\n');
    ip.push(s[0].split(' ')[4]);
   }
  }
 }

 return ip;
}
ip_local();

这是另一个StackOverflow帖子中的内容，直到今天下午，该代码已经可以正常工作一年半了.

Which is from another StackOverflow post, the code has been working fine for a year and a half up until this afternoon.

我的本​​地IP似乎被检测为153b3a68-e3fb-4451-9717-d9b3bc2b5c60.local，而不是通常的192.168.0.11.

Where as my local ip seems to be detected as 153b3a68-e3fb-4451-9717-d9b3bc2b5c60.local instead of the usual 192.168.0.11.

如果有人在意，这个问题是无法绕过的，必须通过服务器端语言来解决，就我而言，我最终将PHP用作解决该问题的临时创可贴".

If anyone cares, this issue is NOT bypassable and has to be done via a server side language, in my case I ended up using PHP as a temporary "bandaid" over the problem.

这对我的应用程序来说是个问题，因为它会检测主机上是否正在运行本地服务器.如果无法检测到LAN IP地址，它将无法执行该操作.

This is a problem for my app as it detects whether a local server is running on the host.. Which it cannot do if it cannot detect the LAN IP address.

推荐答案

这是新安全标准的一部分，目的是防止私有IP地址泄漏.

This is part of a new security standard, to prevent leakage of private IP addresses.

另请参见: https://工具. ietf.org/html/draft-ietf-rtcweb-mdns-ice-candidates-02

摘要:

如[IPHandling]中所述，通过以下方式公开客户端专用IP地址: 默认值最大程度地增加了成功创建直接交易的可能性 两个客户端之间的对等连接，但会创建一个 用户指纹的重要表面. [IPHandling]识别 这个问题，但也承认目前没有解决方案 问题;选择使用模式3来解决 隐私问题通常会因连接失败或连接不佳而受到影响 在WebRTC应用程序中.在不受管理的情况下，这尤其是一个问题 网络，通常是家庭或小型办公室，可能会发生NAT环回 不支持.

As detailed in [IPHandling], exposing client private IP addresses by default maximizes the probability of successfully creating direct peer-to-peer connection between two clients, but creates a significant surface for user fingerprinting. [IPHandling] recognizes this issue, but also admits that there is no current solution to this problem; implementations that choose to use Mode 3 to address the privacy concerns often suffer from failing or suboptimal connections in WebRTC applications. This is particularly an issue on unmanaged networks, typically homes or small offices, where NAT loopback may not be supported.

本文档通过以下方式提出了针对此问题的整体解决方案 为每个本地私有IP地址注册临时mDNS名称， 然后将这些名称(而不是IP地址)提供给 收集ICE候选者的Web应用程序. WebRTC 实现将这些名称解析为IP地址并执行ICE 像往常一样进行处理，但是实际的IP地址没有暴露给 Web应用程序.

This document proposes an overall solution to this problem by registering ephemeral mDNS names for each local private IP address, and then providing those names, rather than the IP addresses, to the web application when it gathers ICE candidates. WebRTC implementations resolve these names to IP addresses and perform ICE processing as usual, but the actual IP addresses are not exposed to the web application.

这篇关于LAN IP地址的JavaScript检测的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！