获取IP（Get IP）.docVIP

获取IP（Get IP） ASP.net obtains the clients IP, the most common is to use the following code: String user_IP System.Web.HttpContext.Current.Request.ServerVariables[= REMOTE_ADDR]; to understand the situation of the proxy server, we will know, if the user to use a proxy server, the code is the IP address of the proxy server; if the user uses multiple proxy servers, is the last one the IP address of the proxy server to server. REMOTE_ADDR description: Accessing the clients IP address. This information cannot be modified by the user. If you really change it, you can not connect to the server, the server is in accordance with this to establish a connection with the client and communicate. Actually, I tested and modified this ServerVariables, and it didnt work at all. Still obtained is the actual value. Another: Request.UserHostAddress and Request.ServerVariables[, REMOTE_ADDR] are actually the same value. How do you bypass the proxy server and get the users real IP address? At this point, we usually have code similar to this (here Im simply not making some boundary judgments) Private static string (getIp) {if (System.Web.HttpContext.Current.Request.ServerVariables[HTTP_VIA]! = null) return System.Web.HttpContext.Current.Request.ServerVariables[HTTP_X_FORWARDED_FOR].Split (New char[]{, [0] else}); return System.Web.HttpContext.Current.Request.ServerVariables[REMOTE_ADDR];} This is enough? This is a problem, HTTP_X_FORWARDED_FOR and HTTP_VIA can be false. If there is a SQL injection here, it can be very serious. Lets take a closer look at the two HTTP_X_FORWARDED_FOR, HTTP_VIA and ServerVariables. HTTP_VIA If you have this information, it proves that you have used the proxy server, and the address of the proxy server is the following value. HTTP_X_FORWARDED_FOR If you have this information, it also proves that you have used the proxy server. The address of the proxy server is the following value. Note that the value of HTTP_X_FORWARDED_FOR does not necessarily have only one