- From: Alex Rousskov <rousskov@measurement-factory.com>
- Date: Wed, 18 Dec 2002 12:49:28 -0700 (MST)
- To: "Remi B. Smith" <remibosco@hotmail.com>
- cc: ietf-http-wg@w3.org
On Wed, 18 Dec 2002, Remi B. Smith wrote:
> Would something as simple as a hidden field in a form that contains the IP
> from the remote computer make it through the proxy?
Yes, in general. However, not all remote computers have a (single,
unique, static) IP address. Some remote computers have no IP address.
Not all browsers will let you access client IP address. Not all users
are humans using browsers.
> Or is there a much more complex solution?
IMHO, the _correct_ solution is (usually) to avoid relying on IP-level
information because it may not be available, is not reliable, easily
spoofed, and has virtually nothing to do with HTTP or even the Web.
Alex.
--
| HTTP performance - Web Polygraph benchmark
www.measurement-factory.com | HTTP compliance+ - Co-Advisor test suite
| all of the above - PolyBox appliance
Received on Wednesday, 18 December 2002 14:49:34 UTC