|
The X-Forwarded-For (XFF) HTTP header field was a common method for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. In 2014, RFC 7239 standardized a new Forwarded header with a similar purpose but more features than XFF. An example of the Forwarded header syntax:

: Forwarded: for=192.0.2.60; proto=http; by=203.0.113.43

The XFF HTTP request header was introduced by the Squid caching proxy server's developers. An RFC was proposed at the Internet Engineering Task Force (IETF).〔Forwarded HTTP Extension - Proposed Standard. Tools.ietf.org (2014-06-06). Retrieved on 2014-06-30.〕

X-Forwarded-For is also an email header indicating that an email message was forwarded from one or more other accounts (probably automatically).〔http://mailheader.mattiasgeniar.be/headers.php〕

In the HTTP proxy context, the caching servers are most often those of large ISPs who either encourage or force their users to use proxy servers for access to the World Wide Web, something which is often done to reduce external bandwidth through caching. In some cases, these proxy servers are transparent proxies, and the user may be unaware that they are using them.

Without the use of XFF or another similar technique, any connection through the proxy would reveal only the originating IP address of the proxy server, effectively turning the proxy server into an anonymizing service and making the detection and prevention of abusive accesses significantly harder than if the originating IP address were available. The usefulness of XFF depends on the proxy server truthfully reporting the original host's IP address; for this reason, effective use of XFF requires knowledge of which proxies are trustworthy, for instance by looking them up in a whitelist of servers whose maintainers can be trusted.
==Format==
The general format of the field is:

: X-Forwarded-For: client, proxy1, proxy2〔http://www.squid-cache.org/Doc/config/follow_x_forwarded_for/〕

where the value is a comma-and-space-separated list of IP addresses, the left-most being the original client, followed by each successive proxy that passed the request, each adding the IP address from which it received the request. In this example, the request passed through proxy1, proxy2, and then proxy3 (not shown in the header). proxy3 appears as the remote address of the request.

Since it is easy to forge an X-Forwarded-For field, the given information should be used with care. The last IP address is always the IP address that connects to the last proxy, which means it is the most reliable source of information. X-Forwarded-For data can be used in a forward or reverse proxy scenario.

Just logging the X-Forwarded-For field is not always enough, as the last proxy IP address in a chain is not contained within the X-Forwarded-For field; it is in the actual IP header. A web server should log both the request's source IP address and the X-Forwarded-For field information for completeness.

Excerpt source: Wikipedia, the free encyclopedia.
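The whitelist approach, applied to the list format of this section, as an added example that is not part of the original article: the chain is walked right to left from the connection's remote address, and an entry is believed only if the host that reported it is a whitelisted proxy. The networks in `TRUSTED_PROXIES`, the function names and the sample requests are assumptions made for illustration.

```python
import ipaddress

# Constructed whitelist of proxies whose maintainers we trust (assumption).
TRUSTED_PROXIES = [ipaddress.ip_network(n)
                   for n in ("203.0.113.0/24", "198.51.100.7/32")]


def is_trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)


def resolve_client(remote_addr, xff_header):
    """Walk the chain right to left, starting at the connection's remote
    address, and return the first address that is not a whitelisted proxy."""
    client = ipaddress.ip_address(remote_addr)  # from the IP header, not forgeable via HTTP
    hops = [h.strip() for h in (xff_header or "").split(",") if h.strip()]
    for raw in reversed(hops):
        if not is_trusted(client):
            break  # entries further left were supplied by an untrusted host
        try:
            client = ipaddress.ip_address(raw)
        except ValueError:
            break  # malformed entry: keep the last address that could be verified
    return str(client)


def log_record(remote_addr, xff_header):
    """Keep both the request's source address and the raw header for the log."""
    return {"remote_addr": remote_addr,
            "x_forwarded_for": xff_header or "",
            "client": resolve_client(remote_addr, xff_header)}


if __name__ == "__main__":
    # Constructed sample requests: (remote address, X-Forwarded-For value).
    samples = [
        ("203.0.113.43", "192.0.2.60, 198.51.100.7"),  # two trusted proxies
        ("203.0.113.43", "10.1.1.1, 192.0.2.60"),      # left-most entry forged by client
        ("192.0.2.60", "203.0.113.5"),                 # direct connection, forged header
    ]
    for remote, xff in samples:
        print(log_record(remote, xff))
```

In all three sample requests the resolved client is 192.0.2.60, because no entry written by a non-whitelisted host is ever believed.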
|