W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2002

Re: Proxies and Real IP addresses...

From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Wed, 18 Dec 2002 12:49:28 -0700 (MST)
To: "Remi B. Smith" <remibosco@hotmail.com>
cc: ietf-http-wg@w3.org
Message-ID: <Pine.BSF.4.44.0212181243190.78128-100000@measurement-factory.com>

On Wed, 18 Dec 2002, Remi B. Smith wrote:

> Would something as simple as a hidden field in a form that contains the IP
> from the remote computer make it through the proxy?

Yes, in general. However, not all remote computers have a (single,
unique, static) IP address. Some remote computers have no IP address.
Not all browsers will let you access client IP address. Not all users
are humans using browsers.

> Or is there a much more complex solution?

IMHO, the _correct_ solution is (usually) to avoid relying on IP-level
information because it may not be available, is not reliable, easily
spoofed, and has virtually nothing to do with HTTP or even the Web.

Alex.

-- 
                            | HTTP performance - Web Polygraph benchmark
www.measurement-factory.com | HTTP compliance+ - Co-Advisor test suite
                            | all of the above - PolyBox appliance
Received on Wednesday, 18 December 2002 14:49:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:21 GMT