[KLUG Members] Getting X-Forwarded-For

Adam Tauno Williams adam at morrison-ind.com
Fri Jan 6 10:31:21 EST 2006


On Fri, 2006-01-06 at 10:16 -0500, Bruce Smith wrote:
> I'm sure this works because I was recently surfing some site through
> squid, and it had one of those little things on the web page that tells
> you what IP you're coming from, what browser you're using, etc.  And it
> listed the IP of the proxy server AND the real IP of my workstation.
> I remember wondering at the time how it knew my workstation's IP.
> Unfortunately I can't remember what site this was.  :-(
> Did you try a phpinfo() and doing a browser-search for the info?
> And you're not by chance bypassing the proxy on a local web server?  :-)

The magickal properties of this list are at work;  I figured it out
immediately after hitting send.  My request is SSL encrypted so it goes
through the proxy as a DIRECT and the proxy can't add/modify an
encrypted connection.  Duh!  So we'll have to have the client make a
request to an unencrypted (and non-authenticated URL so the http headers
don't go flying in the clear) URL via a Javascript OnLoad or something
similar.  We want to create a table that acts like a wtmp file with
username, ip, user-agent, and time for when they hit the intranet home
page.  This is mostly to help find old versions of browsers and to
identify in a loose fashion who uses what computer and what computers
never get used.

> > When an HTTP client traverses a proxy the proxy is supposed to add the
> > X-Forwarded-For (I have "forwarded_for on" in my squid.conf).  So in PHP
> > code I want to grab the value of this header,  but for the life of me I
> > can't find the thing.
> > 
> > $headers = apache_request_headers();
> > if (array_key_exists('X-Forwarded-For', $headers)) {
> >   printf("Ah ha!  You crazy cat, you're using a proxy server!\n");
> >   printf("Your host's IP address is %s\n", $headers["X-Forwarded-For"]);
> > } else {
> >   printf("Oh, my!  Aren't we a slacker,  not bothering to use a proxy server.\n");
> >   printf("Your host's IP address is: %s\n", $_SERVER['REMOTE_ADDR']);
> > }
> > 
> > <aside>Googling on this pretty much just finds a bunch of twits who want
> > to appear smart so they are going on and on about how you can't trust
> > HTTP headers and not to use them for authentication, blah, blah, blah
> > (pretty much all copy-n-pasting something they read somewhere);
> > sometimes Google is very frustrating.</aside>
> > 
> > The above code always says a proxy is not in use although it merrily
> > returns the IP address of the proxy.  Anyone know if this is a squid
> > thing, an apache thing, or a PHP thing?
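The wtmp-style visit record described in this message, as an added example that is not code from the thread. `TRUSTED_PROXIES`, `client_address()`, `visit_row()` and all addresses are assumptions made up for illustration; the header is honoured only when the request really arrives from the squid host.

```php
<?php
// Added example; TRUSTED_PROXIES and both function names are assumptions.
const TRUSTED_PROXIES = ['192.0.2.10']; // constructed address for the squid host

// Return [client_ip, via_proxy] for one request.
function client_address(string $remoteAddr, array $headers): array
{
    // Header names are case-insensitive; normalise before the lookup.
    $headers = array_change_key_case($headers, CASE_LOWER);
    $xff = $headers['x-forwarded-for'] ?? null;

    // HTTPS tunnelled with CONNECT arrives with no header added, and a peer
    // that is not our proxy may send any value it likes: use the socket address.
    if ($xff === null || !in_array($remoteAddr, TRUSTED_PROXIES, true)) {
        return [$remoteAddr, false];
    }

    // Each proxy appends the address it saw, so the right-most entry is the
    // one written by our own squid; entries to its left are client-supplied.
    $hops = array_map('trim', explode(',', $xff));
    $last = end($hops);
    if (filter_var($last, FILTER_VALIDATE_IP) === false) {
        return [$remoteAddr, false];   // e.g. the literal "unknown", or garbage
    }
    return [$last, true];
}

// Build the wtmp-style row: username, ip, user-agent, time.
function visit_row(string $user, array $server, array $headers): array
{
    [$ip, $viaProxy] = client_address($server['REMOTE_ADDR'], $headers);
    return [
        'username'   => $user,
        'ip'         => $ip,
        'via_proxy'  => $viaProxy,
        'user_agent' => substr($server['HTTP_USER_AGENT'] ?? '', 0, 255),
        'time'       => gmdate('Y-m-d H:i:s'),
    ];
}

// Constructed requests: plain HTTP through the proxy, then a direct one.
print_r(visit_row('adam', ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_USER_AGENT' => 'Mozilla/5.0'],
    ['X-Forwarded-For' => '10.1.1.1, 192.0.2.55']));
print_r(visit_row('bruce', ['REMOTE_ADDR' => '192.0.2.77'], ['X-Forwarded-For' => '10.9.9.9']));
```

The first row records 192.0.2.55 with `via_proxy` true; the second ignores the header and records 192.0.2.77, because that peer is not the proxy.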