(major.io)

980 points nkcmr | 1 comments | 06 Jun 21 19:21 UTC | HN request time: 0s | source

Show context

ColdHeat ◴[06 Jun 21 20:06 UTC] No.27415866[source]▶

I used to use this site until I found https://checkip.amazonaws.com/. Switched because I wasn't sure who was behind icanhazip.com and it's tough to beat AWS. Glad to hear that it will likely be maintained for awhile longer!

replies(2): >>27415952 #>>27416424 #

madars ◴[06 Jun 21 20:18 UTC] No.27415952[source]▶

>>27415866 #

Something to be aware of: checkip.amazonaws.com will happily return an X-Forwarded-For address https://stackoverflow.com/questions/52618096/under-what-circ...

replies(1): >>27416056 #

kortilla ◴[06 Jun 21 20:32 UTC] No.27416056[source]▶

>>27415952 #

Use https

replies(1): >>27416225 #

lucb1e ◴[06 Jun 21 20:52 UTC] No.27416225{3}[source]▶

>>27416056 #

That has nothing to do with an HTTP header. See for yourself:

    $ curl -HX-Forwarded-For:127.0.0.1 https://checkip.amazonaws.com
    127.0.0.1

replies(3): >>27416246 #>>27416267 #>>27481936 #

thewakalix ◴[06 Jun 21 20:59 UTC] No.27416267{4}[source]▶

>>27416225 #

HTTPS encrypts headers, thereby preventing other people from adding headers to your request. Typically people are not adding X-Forwarded-For to their own requests.

replies(1): >>27416582 #

1. lucb1e ◴[06 Jun 21 21:39 UTC] No.27416582{5}[source]▶

>>27416267 #

I'm not arguing either point, I just pointed out that headers are independent of whether you use encryption. But now that I'm thinking about it for a sec, you might want to know what the proxy's exit IP is, and if the proxy adds an XFF Header then you just learn your own IP which wasn't what you wanted. If that is what GGGP meant.

↑

A New Future for Icanhazip