0

A friend recently ask how to get the public ip address from frontend javascript to send it in the body of a REST API. I don't work with him and he doesn't know why the API needs the ip address in the body so I couldn't get the direct answer.

The question is, send an ip address obtained at the frontend to be used by an API is not an insecure practice? I mean, this could be manipulated from the client side in several ways. But on the other hand that could be to detect any vpn or something else maybe.

I was looking and I found that this seems to be a common practice, since there are lots of services gives you your ip

How to get client's IP address using JavaScript?

Maximo Silva
  • 59
  • 1
  • 2
  • Unsure why you need to grab it to reference the ip in the backend unless you do not control the backend. – epascarello Apr 20 '21 at 17:18
  • There's no reason why the client should have to send this, the server can get it from the network. – Barmar Apr 20 '21 at 17:18
  • what if the servr uses the reverse proxy, in that case , you cannot fetch user ip from backend @Barmar – SAURABH Feb 21 '23 at 06:35
  • 1
    @SAURABH The reverse proxy usually sends the de facto standard `X-Forwarded-For` or the standard `Forwarded` header. The target server can get the client's IP from this. – Barmar Feb 21 '23 at 16:48

0 Answers0