[KLUG Members] Getting X-Forwarded-For
Adam Tauno Williams
adam at morrison-ind.com
Fri Jan 6 10:31:21 EST 2006
On Fri, 2006-01-06 at 10:16 -0500, Bruce Smith wrote:
> I'm sure this works because I was recently surfing some site through
> squid, and it had one of those little things on the web page that tells
> you what IP you're coming from, what browser you're using, etc. And it
> listed the IP of the proxy server AND the real IP of my workstation.
> I remember wondering at the time how it knew my workstation's IP.
> Unfortunately I can't remember what site this was. :-(
> Did you try a phpinfo() and doing a browser-search for the info?
> And you're not by chance bypassing the proxy on a local web server? :-)
The magickal properties of this list are at work; I figured it out
immediately after hitting send. My request is SSL encrypted so it goes
through the proxy as a DIRECT and the proxy can't add/modify an
encrypted connection. Duh! So we'll have to have the client make a
request to an unencrypted (and non-authenticated URL so the http headers
don't go flying in the clear) URL via a Javascript OnLoad or something
similiar. We want to create a table that acts like a wtmp file with
username, ip, user-agent, and time for when they hit the intranet home
page. This is mostly to help find old versions of browsers and to
identify in a loose fashion who uses what computer and what computers
never get used.
> > When an HTTP client traverses a proxy the proxy is supposed to add the
> > X-Forwarded-For (I have "forwarded_for on" in my squid.conf). So in PHP
> > code I want to grab the value of this header, but for the life of me I
> > can't find the thing.
> >
> > $headers = apache_request_headers();
> > if (array_key_exists('X-Forwarded-For', $headers)) {
> > printf("Ah ha! You crazy cat, you\'re using a proxy server!\n");
> > printf("Your host\'s IP address is %s\n",
> > $headers["X-Forwarded-For"]);
> > } else {
> > printf("Oh, my! Aren't we a slacker, not bothering to use a proxy
> > server.\n");
> > printf("Your host's IP address is: %s\n", $_SERVER['REMOTE_ADDR']);
> > }
> >
> > <aside>Googling on this pretty much just finds a bunch of twits who want
> > to appear smart so they are going on and on about how you can't trust
> > HTTP headers and not to use them for authentication, blah, blah, blah
> > (pretty much all copy-n-pasting something they read somewhere);
> > sometimes Google is very frustrating.</aside>
> >
> > The above code always says a proxy is not in use although it merrily
> > returns the IP address of the proxy. Anyone know if this is a squid
> > thing, and apache thing, or a PHP thing?
>
>
> _______________________________________________
> Members mailing list
> Members at kalamazoolinux.org
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.kalamazoolinux.org/pipermail/members/attachments/20060106/b9a2d113/attachment.bin
More information about the Members
mailing list