網上常見的方式是:
public static String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("X-Forwarded-For");
if (ip == null || "".equals(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || "".equals(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || "".equals(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
if (ip != null && !"".equals(ip)) {
String[] ips = ip.split(",");
for (int i = 0; i < ips.length; i++) {
if (ips[i] != null && !"".equals(ips[i])
&& !"unknown".equalsIgnoreCase(ips[i])) {
ip = ips[i];
break;
}
}
}
return ip;
}
但是這種方式容易被篡改IP,所以一般是用 request.getHeader("X-Real-IP")
可以防止IP篡改繞過