当用户使用代理(Google数据保护程序等)时,浏览器会将X-Forwarded-For添加到客户端的真实IP地址到服务器.我们的负载均衡器将客户端的IP地址作为X-Forwarded-For标头传递给Nginx服务器.示例请求标头:
X-Forwarded-For: 1.2.3.4
X-Forwarded-Port: 80
X-Forwarded-Proto: http
Host: *.*.*.*
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,tr;q=0.6
Save-Data: on
Scheme: http
Via: 1.1 Chrome-Compression-Proxy
X-Forwarded-For: 1.2.3.5
Connection: Keep-alive
有没有办法将两个X-Forwarded-For标头分别传递给PHP?
解决方法:
TL; DR
> Nginx:fastcgi_param HTTP_MERGED_X_FORWARDED_FOR $http_x_forwarded_for
> PHP:$_SERVER [‘HTTP_MERGED_X_FORWARDED_FOR’]
说明
您可以使用the $http_<header_name> variable访问所有http标头.使用此变量时,Nginx甚至会为您执行标头合并
CustomHeader: foo
CustomHeader: bar
获取转换为值:
foo, bar
因此,您需要做的就是将此变量传递给PHP with fastcgi_param
fastcgi_param HTTP_MERGED_X_FORWARDED_FOR $http_x_forwarded_for
概念证明:
在你的Nginx服务器块中:
location ~ \.PHP${
fastcgi_pass unix:run/PHP/PHP5.6-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTP_MERGED_X_FORWARDED_FOR $http_x_forwarded_for;
include fastcgi_params;
}
test.PHP的
<?PHP
die($_SERVER['HTTP_MERGED_X_FORWARDED_FOR']);
最后看看curl会发生什么:
curl -v -H 'X-Forwarded-For: 127.0.0.1' -H 'X-Forwarded-For: 8.8.8.8' http://localhost/test.PHP
给出以下回应:
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /test.PHP HTTP/1.1
> Host: localhost
> User-Agent: curl/7.47.0
> X-Forwarded-For: 127.0.0.1
> X-Forwarded-For: 8.8.8.8
>
< HTTP/1.1 200 OK
< Server: Nginx/1.10.3 (Ubuntu)
< Date: Wed, 01 Nov 2017 09:07:51 GMT
< Content-Type: text/html; charset=UTF-8
< transfer-encoding: chunked
< Connection: keep-alive
<
* Connection #0 to host localhost left intact
127.0.0.1, 8.8.8.8
繁荣!在那里,您可以访问所有X-FORWARDED-FOR标头,作为$_SERVER中的逗号分隔字符串[‘HTTP_MERGED_X_FORWARDED_FOR’]
当然,您可以使用您想要的任何名称,而不仅仅是HTTP_MERGED_X_FORWARDED_FOR.
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
