发表新帖
发表新帖

jsp get ip address

后端 未结
关注
6 1683
挽巷
挽巷 2020-12-20 03:15

whats the best way of preventing someone from voting twice? How do i get the users ip address? What if they are on a large network? will everyone on that network show the sa

相关标签:
6条回答
  • 爱一瞬间的悲伤
    2020-12-20 03:47

    If users are behind NAT router or proxy server, you will see them with the same IP address. Therefore, it is not the best way of allowing users to vote once.

    An alternative would be to use cookies, but again, it is possible to erase the cookie and vote again.

    0 讨论(0)
  • 执笔经年
    2020-12-20 03:48

    In your JSP, use request.getRemoteAddr(). This returns the IP address of the agent that sent the request as a String.

    Also, request.getRemoteHost() will attempt to get the fully qualified host name. If it can't resolve the name however, the IP address will be returned as in getRemoteAddr().

    0 讨论(0)
  • 佛祖请我去吃肉
    2020-12-20 04:04

    You can get the IP address with request.getRemoteAddr(). If the network is using a NAT router, all users will get the same address though

    0 讨论(0)
  • 执笔经年
    2020-12-20 04:04

    In your JSP page simply use this expression: ${pageContext.request.remoteAddr}

    0 讨论(0)
  • 时光说笑
    2020-12-20 04:10

    AFAIK the ONLY way of preventing a second vote is by authenticating. Obviously this is not always possible, so you have to mitigate the possibility of a single user casting a ton of votes.

    • Throttle the voting by source IP. Use the getRemoteAddr() to allow, say... a vote per hour?... per minute? ... it will depend on how much voting you expect. Adjust the number according to experience.
    • Plant a cookie on the response for every voting poll, which expires after the ballot closes.
    • Make it harder to forge requests by checking and validating headers like Referer and User-Agent.
    0 讨论(0)
  • 我在风中等你
    2020-12-20 04:12

    To get the IP of a client behind a router/firewall you can use request.getHeader("X-FORWARDED-FOR").

    The X-Forwarded-For (XFF) HTTP header is a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. http://en.wikipedia.org/wiki/X-Forwarded-For

    Keep in mind though, that this value can be changed by the proxies between you and the client. Though it should be the correct IP.

    0 讨论(0)
 看不清?
提交回复
热议问题