Let's start with the official definition

X-Forwarded-For

X-Forwarded-For (XFF) In the process of client accessing the server, if you need to go through HTTP Proxy or load balancing server , It can be used to obtain the information of the client that originally initiated the request IP Address , This news first became the de facto standard . When the message flow is intercepted from the client to the server , The server-side access log can only record the information of the proxy server or load balancing server IP Address . If you want to get the name of the client who originally initiated the request IP Address if , that X-Forwarded-For That's where it comes in .

This message header will be used for debugging and statistics , And generate customized content based on location , According to the design purpose , It will expose certain privacy and sensitive information , For example, the client's IP Address . So when applying the header of this message , The privacy of users needs to be taken into account .

HTTP In the agreement  Forwarded  It is the standardized version of the first part of this message .

X-Forwarded-For  It is also the first used in an email related agreement , Used to indicate that an email was forwarded from another account .

grammar

X-Forwarded-For: <client>, <proxy1>, <proxy2>
 The specific links ：X-Forwarded-For - HTTP | MDNX-Forwarded-For (XFF)  In the process of client accessing the server, if you need to go through HTTP Proxy or load balancing server , It can be used to obtain the information of the client that originally initiated the request IP Address , This news first became the de facto standard . When the message flow is intercepted from the client to the server , The server-side access log can only record the information of the proxy server or load balancing server IP Address . If you want to get the name of the client who originally initiated the request IP Address if , that  X-Forwarded-For  That's where it comes in .https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/X-Forwarded-For

Let me use a picture to describe X-Forwarded-For Collection process

There are 6 A step , When a user initiates a website visit , in the light of x-forwarded-for The importance of 5 Nodes have been described ,

An example is user access www.baidu.com

① Convert home LAN to community LAN address , This is also a LAN , Just bigger ;

② Pass the LAN address of the community through SNAT Convert to public address ：36.110.25.116; 

2-3 Dns The service converts the target address of the access into a specific ip;

③ Network access equipment of the computer room where the accessed service is located ip：220.181.38.148;

④ after waf The server ：105.16.35.100;

⑤ Request to reach the company LAN proxy server 101.25.48.201;

Finally, we arrive at the real business server Server. This time from Server Collected on the server X-Forwarded-For The address is as follows ：

X-Forwarded-For: 36.110.25.116,220.181.38.148,105.16.35.100,101.25.48.201

                                  client IP          proxy-ip             proxy-ip            proxy-ip

Reference resources

X-Forwarded-For - HTTP | MDN

X-Forwarded-For and X-Real-IP The difference between ？ - Pig Ah Mei - Blog Garden