Skip to site navigation (Press enter)
[GitHub] [shenyu] bigbug-dachong opened a new issue, #3887: [Question]
如何拿到真实请求IP</span></a></span> </h1> <p class="darkgray font13"> <span class="sender pipe"><a href="/search?l=notifications@shenyu.apache.org&q=from:%22GitBox%22" rel="nofollow"><span itemprop="author" itemscope itemtype="http://schema.org/Person"><span itemprop="name">GitBox</span></span></a></span> <span class="date"><a href="/search?l=notifications@shenyu.apache.org&q=date:20220829" rel="nofollow">Mon, 29 Aug 2022 01:22:05 -0700</a></span> </p> </div> <div itemprop="articleBody" class="msgBody"> <!--X-Body-of-Message--> <pre> bigbug-dachong opened a new issue, #3887: URL: <a rel="nofollow" href="https://github.com/apache/shenyu/issues/3887">https://github.com/apache/shenyu/issues/3887</a></pre><pre> ### Question 查看了代码,插件中IP功能是通过 ForwardedRemoteAddressResolver 来实现获取真实ip的 但是在代码中,有2个点,没想清楚。 1、在extractXForwardedValues方法中,通过.split(", ")来切分ip,确定能切分开?是否多了空格? `private List<String> extractXForwardedValues(final ServerWebExchange exchange) { List<String> xForwardedValues = exchange.getRequest().getHeaders() .get(X_FORWARDED_FOR); if (xForwardedValues == null || xForwardedValues.isEmpty()) { return Collections.emptyList(); } if (xForwardedValues.size() > 1) { LOG.warn("Multiple X-Forwarded-For headers found, discarding all"); return Collections.emptyList(); } List<String> values = Arrays.asList(xForwardedValues.get(0).split(", ")); if (values.size() == 1 && !StringUtils.hasText(values.get(0))) { return Collections.emptyList(); } return values; }` 2、在判断XForwarded中可信值时,默认是取1,而且还倒序了。 加入中间经过代理层,这里是只信任上一跳吗?或者说只信任上一层代理地址?那和直接获取remote-ip不是一样了么? `public InetSocketAddress resolve(final ServerWebExchange exchange) { List<String> xForwardedValues = extractXForwardedValues(exchange); Collections.reverse(xForwardedValues); if (!xForwardedValues.isEmpty()) { int index = Math.min(xForwardedValues.size(), maxTrustedIndex) - 1; return new InetSocketAddress(xForwardedValues.get(index), 0); } return defaultRemoteIpResolver.resolve(exchange); }` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@shenyu.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org </pre> </div> <div class="msgButtons margintopdouble"> <ul class="overflow"> <li class="msgButtonItems"><a class="button buttonleft " accesskey="p" href="msg20361.html">Previous message</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="c" href="index.html#20364">View by thread</a></li> <li class="msgButtonItems textaligncenter"><a class="button" accesskey="i" href="mail2.html#20364">View by date</a></li> <li class="msgButtonItems textalignright"><a class="button buttonright " accesskey="n" href="msg20365.html">Next message</a></li> </ul> </div> <a name="tslice"></a> <div class="tSliceList margintopdouble"> <ul class="icons monospace"> <li class="icons-email tSliceCur"><span class="subject">[GitHub] [shenyu] bigbug-dachong opened a new issue, #3887: [Questi...</span> <span class="sender italic">GitBox</span></li> <li><ul> <li class="icons-email"><span class="subject"><a href="msg20365.html">[GitHub] [shenyu] bigbug-dachong commented on issue #3887: [Qu...</a></span> <span class="sender italic">GitBox</span></li> <li class="icons-email"><span class="subject"><a href="msg20366.html">[GitHub] [shenyu] bigbug-dachong commented on issue #3887: [Qu...</a></span> <span class="sender italic">GitBox</span></li> <li class="icons-email"><span class="subject"><a href="msg20371.html">[GitHub] [shenyu] yu199195 commented on issue #3887: [Question...</a></span> <span class="sender italic">GitBox</span></li> <li class="icons-email"><span class="subject"><a href="msg20472.html">[GitHub] [shenyu] yu199195 closed issue #3887: [Question] <...</a></span> <span class="sender italic">GitBox</span></li> </ul> </ul> </div> <div class="overflow msgActions margintopdouble"> <div class="msgReply" > <h2> Reply via email to </h2> <form method="POST" action="/mailto.php"> <input type="hidden" name="subject" value="[GitHub] [shenyu] bigbug-dachong opened a new issue, #3887: [Question] <title> 如何拿到真实请求IP"> <input type="hidden" name="msgid" value="I_kwDOCGCHjs5Qsspt@gitbox.apache.org"> <input type="hidden" name="relpath" value="notifications@shenyu.apache.org/msg20364.html"> <input type="submit" value=" GitBox "> </form> </div> </div> </div> <div class="aside" role="complementary"> <div class="logo"> <a href="/"><img src="/logo.png" width=247 height=88 alt="The Mail Archive"></a> </div> <form class="overflow" action="/search" method="get"> <input type="hidden" name="l" value="notifications@shenyu.apache.org"> <label class="hidden" for="q">Search the site</label> <input class="submittext" type="text" id="q" name="q" placeholder="Search notifications"> <input class="submitbutton" name="submit" type="image" src="/submit.png" alt="Submit"> </form> <div class="nav margintop" id="nav" role="navigation"> <ul class="icons font16"> <li class="icons-home"><a href="/">The Mail Archive home</a></li> <li class="icons-list"><a href="/notifications@shenyu.apache.org/">notifications - all messages</a></li> <li class="icons-about"><a href="/notifications@shenyu.apache.org/info.html">notifications - about the list</a></li> <li class="icons-expand"><a href="/search?l=notifications@shenyu.apache.org&q=subject:%22%5C%5BGitHub%5C%5D+%5C%5Bshenyu%5C%5D+bigbug%5C-dachong+opened+a+new+issue%2C+%233887%5C%3A+%5C%5BQuestion%5C%5D+%3Ctitle%3E+%E5%A6%82%E4%BD%95%E6%8B%BF%E5%88%B0%E7%9C%9F%E5%AE%9E%E8%AF%B7%E6%B1%82IP%22&o=newest&f=1" title="e" id="e">Expand</a></li> <li class="icons-prev"><a href="msg20361.html" title="p">Previous message</a></li> <li class="icons-next"><a href="msg20365.html" title="n">Next message</a></li> </ul> </div> <div class="listlogo margintopdouble"> </div> <div class="margintopdouble"> </div> </div> </div> <div class="footer" role="contentinfo"> <ul> <li><a href="/">The Mail Archive home</a></li> <li><a href="/faq.html#newlist">Add your mailing list</a></li> <li><a href="/faq.html">FAQ</a></li> <li><a href="/faq.html#support">Support</a></li> <li><a href="/faq.html#privacy">Privacy</a></li> <li class="darkgray">I_kwDOCGCHjs5Qsspt@gitbox.apache.org</li> </ul> </div> </body> </html> <script>(function(){function c(){var b=a.contentDocument||a.contentWindow.document;if(b){var d=b.createElement('script');d.innerHTML="window.__CF$cv$params={r:'9c55da762bd92877',t:'MTc2OTY1OTU0OQ=='};var a=document.createElement('script');a.src='/cdn-cgi/challenge-platform/scripts/jsd/main.js';document.getElementsByTagName('head')[0].appendChild(a);";b.getElementsByTagName('head')[0].appendChild(d)}}if(document.body){var a=document.createElement('iframe');a.height=1;a.width=1;a.style.position='absolute';a.style.top=0;a.style.left=0;a.style.border='none';a.style.visibility='hidden';document.body.appendChild(a);if('loading'!==document.readyState)c();else if(window.addEventListener)document.addEventListener('DOMContentLoaded',c);else{var e=document.onreadystatechange||function(){};document.onreadystatechange=function(b){e(b);'loading'!==document.readyState&&(document.onreadystatechange=e,c())}}}})();</script>