獲取使用者端真實IP地址
阿新 • • 發佈:2019-02-18
獲取使用者真實IP地址,不使用request.getRemoteAddr();的原因是有可能使用者使用了代理軟體方式避免真實IP地址, 參考文章:
http://developer.51cto.com/art/201111/305181.htm
可是,如果通過了多級反向代理的話,X-Forwarded-For的值並不止一個,而是一串IP值,究竟哪個才是真正的使用者端的真實IP呢?
答案是取X-Forwarded-For中第一個非unknown的有效IP字串。
如:X-Forwarded-For:192.168.1.110, 192.168.1.120, 192.168.1.130,
192.168.1.100
http://developer.51cto.com/art/201111/305181.htm
可是,如果通過了多級反向代理的話,X-Forwarded-For的值並不止一個,而是一串IP值,究竟哪個才是真正的使用者端的真實IP呢?
答案是取X-Forwarded-For中第一個非unknown的有效IP字串。
如:X-Forwarded-For:192.168.1.110, 192.168.1.120, 192.168.1.130,
192.168.1.100
使用者真實IP為: 192.168.1.110
public static String getIpAddress(HttpServletRequest request) { String ip = request.getHeader("x-forwarded-for"); if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_CLIENT_IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_X_FORWARDED_FOR"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } return ip; }