文章内容
2019/5/15 0:02:55,作 者: 黄兵
request.headers.getlist("X-Forwarded-For")[0] 多ip问题
如果在Flask中你这样获取客户端IP:
# get remote ip if request.headers.getlist("X-Forwarded-For"): get_remote_ip = request.headers.getlist("X-Forwarded-For")[0] else: get_remote_ip = request.remote_addr client_ip = get_remote_ip
如果nginx透过CDN的方式,有可能获取到如下的IP地址:
x-forwarded-for: 62.211.19.218, 177.168.159.85
一般X-FORWARDED-FOR
形式如下:
X-Forwarded-For: client1, proxy1, proxy2, ...
您不应该信任X-Forwarded-For
或任何其他标头值,因为它们可以被不受信任的代理或其他东西操纵......
如果您使用nginx作为反向代理,您也可以检查 request.environ['HTTP_X_REAL_IP']
可以通过:
client_ip = request.access_route[0]
获取客户端的IP地址。
下面是access_route()的具体实现方式:
@cached_property def access_route(self): """If a forwarded header exists this is a list of all ip addresses from the client ip to the last proxy server. """ if 'HTTP_X_FORWARDED_FOR' in self.environ: addr = self.environ['HTTP_X_FORWARDED_FOR'].split(',') return self.list_storage_class([x.strip() for x in addr]) elif 'REMOTE_ADDR' in self.environ: return self.list_storage_class([self.environ['REMOTE_ADDR']]) return self.list_storage_class()
参考资料:
1、How to get the first client ip from X-Forwarded-For behind nginx + Gunicorn? [duplicate]
黄兵个人博客原创。
转载请注明出处:黄兵个人博客 - request.headers.getlist("X-Forwarded-For")[0] 多ip问题
评论列表