stackoom
  简体   繁体   中英

How to get IP Address of REST Consumer

 原文  2014-06-02 08:01:38       php/ rest

Question

I would try to explain in diagrams 

[REST SERVER] <--------> [JAVASCRIPT BASED WEBSITE]  <--------> [USER]
192.168.0.2              192.168.0.3                            192.168.0.123

How can I get the IP of the website that consumes the REST server instead of the USER's IP.

I tried using $_SERVER['REMOTE_ADDR'] and $_SERVER['HTTP_REFERRER'] but they both return the IP of the user.

Is it possible in the web? I'm using PHP for my REST server.

3 answers

solution1
 4  2014-06-02 08:04:37

You cannot do this securely. You will have to make the javascript pass this to the server. And since javascript is run client side, this can be spoofed.

And even then, javascript does not have native functions to get you the IP address of the website. It can give you the domain name though. And then in, for example, PHP you can resolve this domain name to an IP address. Or have the javascript based web server give its IP address directly along. For example with the help of PHP, you can do in javascript: var myIP = '<?php echo $_SERVER['SERVER_ADDR']; ?>'; var myIP = '<?php echo $_SERVER['SERVER_ADDR']; ?>';

solution2
 4 ACCPTED  2014-06-02 08:06:26

I'll assume here that you mean the website is hosted on 192.168.0.3 . This means the user will be downloading the Javascript and HTML data from said server, and then execute it locally on 192.168.0.123 . That Javascript is then going to make remote calls to the REST service from that local IP.

You want to know how to get the IP of the server that hosted the Javascript/HTML files before the client downloaded them, presumably in a reliable fashion. And the answer is that this is not possible. Because your actual schema looks like this: 

[JAVASCRIPT BASED WEBSITE] <--------> [USER]
192.168.0.3                           192.168.0.123
                                         ^
                                         |
[REST SERVER] <--------------------------+
192.168.0.2

solution3
 1  2014-06-02 08:11:28

As a sidenote, the Origin header (can be spoofed) is ment for this purpose but a secure workaround would be some kind of handshake between JS server and REST server.

Javascript based webpage requests a token code via serverside, you put this token code into the javascript and send it to the rest server.

The rest server verifies the token code and then you know for sure where the javascript resides.

This is the only method of verifying the origin, it is not possible via plain IP addresses.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How To Get Client IP Address how to get ip address in codeigniter? How to get the IP address of the author post in wordpress How to get contents of IP address in PHP How to get a user's IP address in PHP? PHP: How to get the IP address of a specific VLAN How to get each IP address in subnet? How to get the client IP address in PHP How to get the computer name from ip Address? How to get client IP address in Laravel 5+
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM