HTTP_X_FORWARDED_FOR
This value can be (easily) forged.
So it cannot be relied on to obtain the client's real IP.
!! The server cannot use HTTP_X_FORWARDED_FOR to learn the client's real IP.
HTTP_X_FORWARDED_FOR values can look like this:
unknown (look, garbage data)
192.168.0.12, 192.168.236.1 (multiple IPs, and private addresses among them)
101.14.2.1, 101.14.2.1 (the same address repeated)
1.168.1.1, 172.30.4.1, 61.219.37.1 ( 61.219.37.1 = sys1-p2-1.hiproxy.hinet.net)
2001:288:2325:20:d1e7:18:xxx:xxx (an IPv6 address also shows up)
127.0.0.1 (look, garbage data)
!! HTTP_X_FORWARDED_FOR is attacker-controlled input: concatenating it into a SQL statement (for example when logging visits) is a SQL Injection risk, so treat it like any other untrusted input and use parameterized queries.
!! Multiple IPs in HTTP_X_FORWARDED_FOR are there because each proxy server in the chain appends one (added left to right, comma separated). Each proxy appends the address it received the request from, so the rightmost entry was written by the proxy closest to your server, while the leftmost is whatever the client (or an unknown proxy) chose to send.
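The following is an added example, not code from the original page: it parses the kinds of header values listed above (garbage, private and repeated addresses, IPv6), applies the rule that only entries appended by proxies you operate can be trusted (walking the list from the right until the first address that is not one of your own proxies), and then shows the logging statement both as a vulnerable string concatenation and with a bound parameter. The TRUSTED_PROXIES list, the visits table and all header values are hypothetical inputs constructed for the example.

```python
import ipaddress
import sqlite3

# Proxy hops we operate and therefore trust to append honest X-Forwarded-For
# entries. Hypothetical list for this example only.
TRUSTED_PROXIES = ["10.0.0.0/8", "61.219.37.1/32"]


def parse_xff(header):
    """Split an X-Forwarded-For value into its comma-separated hops.

    Order is preserved: the leftmost entry is whatever the client (or the
    first, untrusted proxy) claimed; the rightmost entry was appended last.
    Junk such as 'unknown' is kept so the caller can decide what to do.
    """
    if not header:
        return []
    return [hop.strip() for hop in header.split(",") if hop.strip()]


def as_ip(text):
    """Return an ipaddress object for an IPv4/IPv6 literal, or None for junk."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def client_ip(remote_addr, xff_header, trusted_proxies=TRUSTED_PROXIES):
    """Derive the best-effort client address.

    Only the TCP peer (remote_addr) is known to be genuine. If it is one of
    our proxies, walk X-Forwarded-For from the right, skipping our own
    proxies, and take the first address that is not ours. Anything further
    left was written by parties we do not control and is ignored.
    """
    networks = [ipaddress.ip_network(n) for n in trusted_proxies]

    def trusted(ip):
        # 'in' is False when address and network families differ (v4 vs v6).
        return any(ip in net for net in networks)

    peer = as_ip(remote_addr)
    if peer is None or not trusted(peer):
        # Request came straight from the client (or an unknown proxy):
        # the header is unverifiable, so the peer address is the answer.
        return remote_addr

    for hop in reversed(parse_xff(xff_header)):
        ip = as_ip(hop)
        if ip is None:
            # 'unknown' or other junk: stop here, trust nothing left of it.
            return remote_addr
        if not trusted(ip):
            return str(ip)
    # Every hop was one of our own proxies; fall back to the peer.
    return remote_addr


def log_visit_unsafe(conn, xff_header):
    """VULNERABLE: header text concatenated straight into the SQL statement."""
    conn.execute("INSERT INTO visits (xff) VALUES ('" + xff_header + "')")


def log_visit_safe(conn, xff_header):
    """Same insert with a bound parameter; the header is stored verbatim."""
    conn.execute("INSERT INTO visits (xff) VALUES (?)", (xff_header,))


def stored_rows(logger, xff_header):
    """Run one logger against a fresh in-memory table and return what it stored."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE visits (xff TEXT)")
    try:
        logger(conn, xff_header)
    except sqlite3.Error:
        pass  # a broken statement stores nothing, which is also a finding
    return [row[0] for row in conn.execute("SELECT xff FROM visits")]


if __name__ == "__main__":
    # Constructed header values modelled on the ones listed above.
    print(client_ip("10.0.0.1", "192.168.0.12, 192.168.236.1"))
    print(client_ip("203.0.113.5", "1.2.3.4"))  # peer is not our proxy: spoof ignored
    print(client_ip("10.0.0.1", "unknown"))
    payload = "1.1.1.1'), ('injected"
    print(stored_rows(log_visit_unsafe, payload))  # two rows: injection worked
    print(stored_rows(log_visit_safe, payload))    # one row holding the raw text
```

The injection payload only needs to close the quoted value and open another VALUES tuple; with string concatenation the database stores two rows, with a bound parameter it stores the payload as a single opaque string. Note that when the peer is not one of your proxies the header is ignored entirely, which is the only safe treatment of a client-supplied claim.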
Another related header:
HTTP_VIA
1.1 sys1-p1-191:8100 (squid/2.7.STABLE9), 1.0 proxyout:8200 (squid/2.7.STABLE9), 1.0 proxyout:8300 (squid/2.7.STABLE9)
1.1 ICCCI-FC14-i7 (squid/3.1.12), 1.1 localhost.localdomain (squid/3.1.10)
1.1 Cache2 (NetCache NetApp/6.0.7)
1.1 l4proxy03 (squid/3.1.10)
1.0 translate.google.com TWSFE/0.9