获取请求的ip的正确方法是什么 [英] what is the right way to get request's ip

问题描述

我找到了一些在servlet中获取ip的不同方法。但我不知道哪一个是正确的以及为什么。

I find some different ways to get ip in servlet. but i don't know which one is right and why.

1：

request.getHeader( "X-Real-IP" )

2：

  String ip = request.getHeader("X-Forwarded-For"); 
  if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("Proxy-Client-IP");  
    }  
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("WL-Proxy-Client-IP");  
    }  
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("HTTP_CLIENT_IP");  
    }  
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("HTTP_X_FORWARDED_FOR");  
    }  
    if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getRemoteAddr();  
    } `

3：

 String ip=request.getHeader("x-forwarded-for");
                if(ip==null){
                    ip=request.getRemoteAddr();
                }
                String ips[]=ip.split(",");`
                                ip=ips[0];

推荐答案

答案很复杂。

• 如果您的servlet在反向代理或负载均衡器后面的Web服务器上运行，则可以将该Web代理配置为注入请求标头给出请求来自的IP地址。不同的反向代理将注入不同的头。请参阅（前端）服务器的文档。

• If your servlet is running on a webserver that is behind a reverse proxy or load balancer, then that web proxy can be configured to inject a request header that gives the IP address that the request came from. Different reverse proxies will inject different headers. Consult the documentation for your (front-end) server.

如果您的客户端使用（转发）代理，则可能插入标题来说明客户端IP地址是什么......或者它可能不是。并且它插入的IP地址可能不正确。

If your client uses a (forward) proxy, then it might insert headers to say what the client IP address is ... or it might not. And the IP address it insert might be incorrect.

通过调用 request.getRemoteAddr获得的值（）将成为请求的立即上游源的IP地址。

The value you get by calling request.getRemoteAddr() is going to be the IP address of the immediate upstream source of the request.

您列出的标题都不是标准的，但x-forwarded-for被认为是事实上的标准;即它是最有可能被代理插入的那个......如果注入任何东西。

None of the headers that you listed is standard, but "x-forwarded-for" is reputed to be a defacto standard; i.e. it is the one that is most likely to be inserted by a proxy, etc ... if anything is injected.

最后，即使你确实得到了一个IP地址，它不一定会帮助你。例如，如果客户端位于专用网络上并通过NAT网关连接到Internet，则HTTP请求中的IP地址将是NAT服务器的地址...而不是实际的客户端IP。

Finally, even if you did get an IP address, it wouldn't necessarily help you. For instance, if the client sits on a private network and connects to the internet via a NAT gateway, then the IP address in HTTP request will be an address of the NAT server ... not the actual client IP.

那么这一切意味着什么？基本上，这意味着一般你不能可靠地找出请求来自的系统的IP地址。

So what does this all mean? Well basically, it means that in general you cannot reliably find out the IP address of the system that the request originated from.

这篇关于获取请求的ip的正确方法是什么的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！