V
Victor
Is there any official documentation on Request.ServerVariables("HTTP_X_FORWARDED_FOR")
Googling I've found everyone repeating the same information - claiming that
HTTP_X_FORWARDED_FOR is the real IP address if a proxy is being used, and that if it
contains a value then it's the real IP address of the visitor.
But this isn't consistent with what I am seeing. Sometimes HTTP_X_FORWARDED_FOR contains
a single IP value, but I am also seeing it contain a LIST of IP addresses - I'm seeing
this:
HTTP_X_FORWARDED_FOR = IPaddress1, IPaddress2
REMOTE_ADDR = IPaddress3
where two IP addresses are separated by a comma. Of course, that entire string for
HTTP_X_FORWARDED_FOR is not a valid IP address, so what the correct IP?
Some websites say you take the first IP address, others say loop through the addresses &
see if one matches the Class B domain of the REMOTE_ADDR IP address...
Ack!
Is there any "official" docs on this?
Thanks,
Vic
Googling I've found everyone repeating the same information - claiming that
HTTP_X_FORWARDED_FOR is the real IP address if a proxy is being used, and that if it
contains a value then it's the real IP address of the visitor.
But this isn't consistent with what I am seeing. Sometimes HTTP_X_FORWARDED_FOR contains
a single IP value, but I am also seeing it contain a LIST of IP addresses - I'm seeing
this:
HTTP_X_FORWARDED_FOR = IPaddress1, IPaddress2
REMOTE_ADDR = IPaddress3
where two IP addresses are separated by a comma. Of course, that entire string for
HTTP_X_FORWARDED_FOR is not a valid IP address, so what the correct IP?
Some websites say you take the first IP address, others say loop through the addresses &
see if one matches the Class B domain of the REMOTE_ADDR IP address...
Ack!
Is there any "official" docs on this?
Thanks,
Vic