服務器如何通過ajax調用識別我們的IP？

Question

只是簡單的ajax調用他們如何獲得我們的IP地址。

$.getJSON('//ipinfo.io/', function(data) { 
    console.log(JSON.stringify(data, null, 2)); 
}); 

我試過在我的瀏覽器控制檯上快速獲取IP，但不知道它們是如何檢測到的。

Answer 1

JavaScript代碼來獲取IP

//get the IP addresses associated with an account 
function getIPs(callback){ 
    var ip_dups = {}; 

    //compatibility for firefox and chrome 
    var RTCPeerConnection = window.RTCPeerConnection 
     || window.mozRTCPeerConnection 
     || window.webkitRTCPeerConnection; 
    var useWebKit = !!window.webkitRTCPeerConnection; 

    //bypass naive webrtc blocking using an iframe 
    if(!RTCPeerConnection){ 
     //NOTE: you need to have an iframe in the page right above the script tag 
     // 
     //<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe> 
     //<script>...getIPs called in here... 
     // 
     var win = iframe.contentWindow; 
     RTCPeerConnection = win.RTCPeerConnection 
      || win.mozRTCPeerConnection 
      || win.webkitRTCPeerConnection; 
     useWebKit = !!win.webkitRTCPeerConnection; 
    } 

    //minimal requirements for data connection 
    var mediaConstraints = { 
     optional: [{RtpDataChannels: true}] 
    }; 

    var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]}; 

    //construct a new RTCPeerConnection 
    var pc = new RTCPeerConnection(servers, mediaConstraints); 

    function handleCandidate(candidate){ 
     //match just the IP address 
     var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/ 
     var ip_addr = ip_regex.exec(candidate)[1]; 

     //remove duplicates 
     if(ip_dups[ip_addr] === undefined) 
      callback(ip_addr); 

     ip_dups[ip_addr] = true; 
    } 

    //listen for candidate events 
    pc.onicecandidate = function(ice){ 

     //skip non-candidate events 
     if(ice.candidate) 
      handleCandidate(ice.candidate.candidate); 
    }; 

    //create a bogus data channel 
    pc.createDataChannel(""); 

    //create an offer sdp 
    pc.createOffer(function(result){ 

     //trigger the stun server request 
     pc.setLocalDescription(result, function(){}, function(){}); 

    }, function(){}); 

    //wait for a while to let everything done 
    setTimeout(function(){ 
     //read candidate info from local description 
     var lines = pc.localDescription.sdp.split('\n'); 

     lines.forEach(function(line){ 
      if(line.indexOf('a=candidate:') === 0) 
       handleCandidate(line); 
     }); 
    }, 1000); 
} 

//Test: Print the IP addresses into the console 
getIPs(function(ip){console.log(ip);}); 

Answer 2

HTTP頭中的請求將源IP在裏面。接收到這些請求的系統（在你的情況下爲ipinfo.io）可以檢查這一點，並輕鬆地發回調用者的IP。

但是，似乎ipinfo.io只是檢測您的出站服務器的IP地址。也就是說，如果您位於局域網或代理服務器後面，ipinfo.io只會檢測到該IP地址，而不是您實際系統的IP地址。爲此，將使用HTTP標頭X-Forwarded-For。