By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,528 Members | 1,338 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,528 IT Pros & Developers. It's quick & easy.

IP addresses and JS.

P: n/a
Me
Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?

Thanks.
Sep 10 '05 #1
Share this Question
Share on Google+
31 Replies


P: n/a
Me wrote:
Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?


Not *only* Java, but not Javascript, for sure.
Mick
..
Sep 10 '05 #2

P: n/a
Me said the following on 9/10/2005 6:04 AM:
Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?


No, Java is not the only way to attempt to get one's IP Address, but JS
can't get it at all.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Sep 10 '05 #3

P: n/a
Mick White wrote on 10 sep 2005 in comp.lang.javascript:
Me wrote:
Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?


Not *only* Java, but not Javascript, for sure.


Javascript can get the IP-address, but only serverside.

Try j[ava]script on an ASP platform.

================

Clientside the IP-address as seen by the server
is often not even available, as the client machine
only "sees" the local IP bihind router and/or proxi.

And that clientside iP is not available to in-browser javascript.

================

Java and javascript have nothing in common but the name.

--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Sep 10 '05 #4

P: n/a
OK I have been wondering about this for a long time....
please be more clear....I really like a definitive word.

1) How else exactly, other than via Java, can server-side find out REAL IP
of client going thru HI-ANONIMITY proxy ?

2) php ? can forum like vBulletin find REAL IP ?

thanks

"Randy Webb"
No, Java is not the only way to attempt to get one's IP Address, but JS
can't get it at all Not *only* Java, but not Javascript, for sure.
Mick

Sep 10 '05 #5

P: n/a
Boobie said the following on 9/10/2005 11:56 AM:
OK I have been wondering about this for a long time....
please be more clear....I really like a definitive word.

1) How else exactly, other than via Java, can server-side find out REAL IP
of client going thru HI-ANONIMITY proxy ?
You ask the user.
And wonder why they won't tell you. People use a HI-Anonymity proxy for
a reason.

What exactly do you think you need the IP for anyway?
2) php ? can forum like vBulletin find REAL IP ?


Since I don't know what vBulletin is, I can't answer that.

And, please learn to quote.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Answer:It destroys the order of the conversation
Question: Why?
Answer: Top-Posting.
Question: Whats the most annoying thing on Usenet?
Sep 10 '05 #6

P: n/a
Boobie wrote on 10 sep 2005 in comp.lang.javascript:
OK I have been wondering about this for a long time....
please be more clear....I really like a definitive word.

1) How else exactly, other than via Java, can server-side find out
REAL IP of client going thru HI-ANONIMITY proxy ?


What is "REAL IP of client"?
A server sees just the IP that it gets.

This is independent of the computer language used.
--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Sep 10 '05 #7

P: n/a
I think the person who posted the question wants to know the IP address
of the client within a Local network, who is coming through a proxy to
his site.

Well as many of us would have guessed it is not possible unless you
hack into the proxy, which is very subjective and difficult ;) besides
that is not what we are looking at.

Simply speaking the answer is NO, you cannot get the IP address.

Tell me how would you know who exactly in a group wants a resource if a
representative of a group keeps asking for the resource to you. unless
you ask the representative ;)

I dont think languages have any bearing on this very general question.

Thanks and Regards

Sep 10 '05 #8

P: n/a
Exactly.
I was confused by earlier posts that seemed to suggest there are ways OTHER
than Java/Java Applet
that can sniff out the real IP.

"Sanjay"
I dont think languages have any bearing on this very general question.

Sep 10 '05 #9

P: n/a
People use a HI-Anonymity proxy for a reason.
Yes, I use one for web forum and I have several reasons ;)
What exactly do you think you need the IP for anyway?


Well, I don't.
It's the other side that does smart-ass things based on client IPs.
Sep 10 '05 #10

P: n/a
Me
Mick White wrote:
Me wrote:
Am I right in thinking that when you connect to a website via a
proxy, only Java (not JS) can get one's IP address?


Not *only* Java, but not Javascript, for sure.
Mick
.


What other applications can get the Ip then?
Sep 10 '05 #11

P: n/a
Me
Evertjan. wrote:
Mick White wrote on 10 sep 2005 in comp.lang.javascript:
Me wrote:

Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?
Not *only* Java, but not Javascript, for sure.


Javascript can get the IP-address, but only serverside.

Try j[ava]script on an ASP platform.

So, IOW, when the client (that is the home Internet user) connects to a
server e.g. www.yahoo.com the server cannot get the client's IP using
JS, right?
================

Clientside the IP-address as seen by the server
is often not even available, as the client machine
only "sees" the local IP bihind router and/or proxi.

And that clientside iP is not available to in-browser javascript.

================

Java and javascript have nothing in common but the name.

Sep 10 '05 #12

P: n/a
Me
Randy Webb wrote:
Me said the following on 9/10/2005 6:04 AM:
Am I right in thinking that when you connect to a website via a
proxy, only Java (not JS) can get one's IP address?

No, Java is not the only way to attempt to get one's IP Address, but
JS can't get it at all.

Just to clarify here I am talking about when a home user connects to a
company for example website.
Sep 10 '05 #13

P: n/a
Me wrote:
Javascript can get the IP-address, but only serverside.
Try j[ava]script on an ASP platform.
So, IOW, when the client (that is the home Internet user) connects to a
server e.g. www.yahoo.com the server cannot get the client's IP using
JS, right?


JavaScript (or pretty much anything else) running on the server can get the
IP address of the machine that made the request, which may be the user's
workstation, but could also be a proxy server or similar.

--
David Dorward <http://blog.dorward.me.uk/> <http://dorward.me.uk/>
Home is where the ~/.bashrc is
Sep 10 '05 #14

P: n/a
Me
David Dorward wrote:
Me wrote:
Javascript can get the IP-address, but only serverside.
Try j[ava]script on an ASP platform.

So, IOW, when the client (that is the home Internet user) connects to a
server e.g. www.yahoo.com the server cannot get the client's IP using
JS, right?


JavaScript (or pretty much anything else) running on the server can get the
IP address of the machine that made the request, which may be the user's
workstation, but could also be a proxy server or similar.

My specific question though, was could JavaScript "see behind" a proxy
or could it only get the IP address that was used to connect to the
server, which would be the proxy address?
Sep 10 '05 #15

P: n/a
Boobie wrote:
I was confused by earlier posts that seemed to suggest there
are ways OTHER than Java/Java Applet
that can sniff out the real IP.
There are other ways of getting the real local IP of a client computer.
There are, for example, ActiveX objects that can do that. However,
browser security seriously impacts on the use of these other methods,
and they generally will not be useable under normal Internet security
settings. Though they may be available in less restrictive security
zones and so could be employed on an Intranet.

But, as has been said, there is little value in getting an internal
network IP for a client. Externally the only application for that
information would be as an aid in attacking that network (which is why
external security will not tend to allow it).
"Sanjay"
I dont think languages have any bearing on this very general
question.


You will not be getting many more warnings on quoting properly before
having your future posts ignored by a significant proportion of the
contributors to this group.

Richard.
Sep 10 '05 #16

P: n/a
Me
Mick White wrote:
Me wrote:
Am I right in thinking that when you connect to a website via a
proxy, only Java (not JS) can get one's IP address?


Not *only* Java, but not Javascript, for sure.
Mick
.


Sorry to keep posting, but what I meant was can JS get the IP from
behind the proxy or is it only the IP address the website sees (which
could be a direct connection or it could be a proxy)?
Sep 10 '05 #17

P: n/a
Me wrote:
JavaScript (or pretty much anything else) running on the server can get
the IP address of the machine that made the request, which may be the
user's workstation, but could also be a proxy server or similar.
My specific question though, was could JavaScript "see behind" a proxy
or could it only get the IP address that was used to connect to the
server, which would be the proxy address?


Anything that runs on the server can only find out where a request came
from. It can't tell if any proxies are involved.

Something (but not JavaScript in a browser environment) running on the
client could conceivable find out ip addresses that that machine uses.
However, they are not likely to be of much practical use, and you would
have to decide which ip address you wanted to know about - the machine I'm
working on at present has had as many as 7 at once.

--
David Dorward <http://blog.dorward.me.uk/> <http://dorward.me.uk/>
Home is where the ~/.bashrc is
Sep 10 '05 #18

P: n/a
Me <ne*******@iehfriewhf.com> writes:
Sorry to keep posting, but what I meant was can JS get the IP from
behind the proxy or is it only the IP address the website sees


Again, Javascript on the client cannot get any IP address. So, neither.
Javascript on the server can see the IP the "website" sees.
Actually, Javascript *can* give the IP address of the client using
this amazing function:
---
function getIP() {
return "127.0.0.1";
}
---
.... which is just to say that an internal address isn't really
worth anything, so you might as well stop wanting it. :)

/L
--
Lasse Reichstein Nielsen - lr*@hotpop.com
DHTML Death Colors: <URL:http://www.infimum.dk/HTML/rasterTriangleDOM.html>
'Faith without judgement merely degrades the spirit divine.'
Sep 11 '05 #19

P: n/a

"Me"
Sorry to keep posting, but what I meant was can JS get the IP from
behind the proxy or is it only the IP address the website sees (which
could be a direct connection or it could be a proxy)?


WHY is it so hard for you to know after all these answers
that JavaScript runs in the CLIENT BROWSER ONLY ?
It does NOT live/run/work anywhere else OUTSIDE your desktop browser,
the Web site you request the page from AND the proxy server you go thru to
reach
that site can NOT be touched by the JS code.

Sep 11 '05 #20

P: n/a
Boobie wrote on 11 sep 2005 in comp.lang.javascript:
WHY is it so hard for you to know after all these answers
that JavaScript runs in the CLIENT BROWSER ONLY ?
It does NOT live/run/work anywhere else OUTSIDE your desktop browser,
the Web site you request the page from AND the proxy server you go
thru to reach
that site can NOT be touched by the JS code.

Well, not exactly.

It can also run under ASP on the server,
but probably the OP means by JS just clientside script.

Me wrote: Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?


A computer language is just that, a language and can do nothing. It is only
the running of the executing/interpreting/rendering programme on a computer
that "does" something. That's why it is so important to know "where" the
javascript is executed.

If it is executed on the browser it can only know what the client computer
knows or can get. If it is executed on the server, the same goes for the
server computer.

--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Sep 11 '05 #21

P: n/a
Me
Evertjan. wrote:
Boobie wrote on 11 sep 2005 in comp.lang.javascript:

WHY is it so hard for you to know after all these answers
that JavaScript runs in the CLIENT BROWSER ONLY ?
It does NOT live/run/work anywhere else OUTSIDE your desktop browser,
the Web site you request the page from AND the proxy server you go
thru to reach
that site can NOT be touched by the JS code.


I am not concerned about the JS on my computer. I am talking about the
JS on the server computer (company, bank, webmail, whatever). All I was
asking was whether or not the JavaScript on www.whatevercompany.com had
the ability - if I am allowing JavaScript to work in my browser - to
access my IP if a) I connect without a proxy and b)if I connect through
a proxy.
Well, not exactly.

It can also run under ASP on the server,
but probably the OP means by JS just clientside script.

Me wrote:

Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?


A computer language is just that, a language and can do nothing. It is only
the running of the executing/interpreting/rendering programme on a computer
that "does" something. That's why it is so important to know "where" the
javascript is executed.

If it is executed on the browser it can only know what the client computer
knows or can get. If it is executed on the server, the same goes for the
server computer.

But other posters have indicated that JS running on the server computer
(the computer a home user for example would connect to) would have the
ability to access the IP on the home user's machine.

I am sorry for getting confused about this and appreciate people's
responses.
Sep 11 '05 #22

P: n/a
Me
Evertjan. wrote:
Boobie wrote on 11 sep 2005 in comp.lang.javascript:

WHY is it so hard for you to know after all these answers
that JavaScript runs in the CLIENT BROWSER ONLY ?
It does NOT live/run/work anywhere else OUTSIDE your desktop browser,
the Web site you request the page from AND the proxy server you go
thru to reach
that site can NOT be touched by the JS code.

Well, not exactly.

It can also run under ASP on the server,
but probably the OP means by JS just clientside script.

Me wrote:

Am I right in thinking that when you connect to a website via a proxy,
only Java (not JS) can get one's IP address?


A computer language is just that, a language and can do nothing. It is only
the running of the executing/interpreting/rendering programme on a computer
that "does" something. That's why it is so important to know "where" the
javascript is executed.

But if a home user connects to a website that uses JS, would not that JS
execute on the client (home user's) machine when the user downloads the
webpage?
If it is executed on the browser it can only know what the client computer
knows or can get. If it is executed on the server, the same goes for the
server computer.

Sep 11 '05 #23

P: n/a
Me wrote:
Evertjan. wrote:

<snip>
If it is executed on the browser it can only know what
the client computer knows or can get. If it is executed
on the server, the same goes for the server computer.

But other posters have indicated that JS running on the
server computer (the computer a home user for example
would connect to) would have the ability to access the
IP on the home user's machine.

<snip>

That is not what has been said. The server receives an HTTP request and
has access to all of the information contained in that request. That
information includes the IP address at which the request originates. The
server must receive that information in order to make a response (it
needs to know where to send the response and it sends it to the IP
address given).

However, the originating IP address sent as part of an HTTP request is
not necessarily the IP address of the computer that originally made a
request. If the request was made through a proxy then it is that proxy
that makes the actual request to the server and it may be the IP address
of the proxy that is sent on to the server. In that case the only IP
address information that arrives at the server is the IP address of the
proxy, and the user's IP address (or, as has also been pointed out in
various ways, any one of the user's IP addresses) cannot be known to the
server.

Richard.
Sep 11 '05 #24

P: n/a
Me wrote:
Evertjan. wrote:

<snip>
A computer language is just that, a language and can do
nothing. It is only the running of the executing/
interpreting/rendering programme on a computer that "does"
something. That's why it is so important to know "where"
the javascript is executed.

But if a home user connects to a website that uses JS,
would not that JS execute on the client (home user's)
machine when the user downloads the webpage?

<snip>

Stating that a web site "uses JS" is too vague to say anything useful.
Javascript is just a programming language, and may be used to script all
sorts of host environments including servers. It just happens to be the
scripting language of choice for web browser implementers.

The interaction between a web browser and a server is through HTTP. HTTP
is a request-response protocol. The browser client sends an HTTP request
to a server (possibly through proxies). The server receives a request,
makes decisions about how to react to the request and then sends a
response back to the client. The client then does something with the
response.

In making a decision about how to react to a request a server may
execute scripts and/or programs, and those scripts/programs may be
written in JS, C/C++, Perl, Java, PHP, any .NET language and much else
besides. If the server happens to execute scirpts written in JS in
deciding how to react to the HTTP request then the site may be described
as 'using JS', and that JS code is executed on the server (only).

The HTTP response sent back to the client may be an (x)HTML page that
includes SCRIPT elements that contain (or reference) javascript source
code. A site sending javascript in its responses may also be said to be
'using JS'. If that is the case, and the client is a web browser capable
of executing JS, has its security settings such that it may execute the
script, supports the features employed by the script, and the script
source code is correct and error-free, then the browser may execute that
script on the client's computer.

A script executing on the server has access to all of the information
contained in the HTTP request (and any other resources available on the
server or to which the server has been granted access, such as
databases). A script executing on the browser has access to whatever the
browser exposes to it, which would normally include little more than the
browsers internal representation of the document that it was showing,
and would not normally include the hard discs of the local computer, the
local computer's IP address, the local network and anything else that
may have security implications.

Richard.
Sep 11 '05 #25

P: n/a

"Me"
But if a home user connects to a website that uses JS, would not that JS
execute on the client (home user's) machine when the user downloads the
webpage?


Yeah so ?
Your desktop browser *will* blindly execute *any* JS that comes along with
that page you request.
but going back to your original concern, JS does not have the ability to
raed/get IP of client desktop .
Sep 11 '05 #26

P: n/a
very good, patient explanation
Sep 11 '05 #27

P: n/a
Boobie said the following on 9/11/2005 2:28 PM:
"Me"
But if a home user connects to a website that uses JS, would not that JS
execute on the client (home user's) machine when the user downloads the
webpage?

Yeah so ?
Your desktop browser *will* blindly execute *any* JS that comes along with
that page you request.


No it won't. Stop spreading that rumor.
but going back to your original concern, JS does not have the ability to
raed/get IP of client desktop .


Now that is true.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Sep 11 '05 #28

P: n/a

"Randy Webb"
Yeah so ?
Your desktop browser *will* blindly execute *any* JS that comes along with that page you request.


No it won't. Stop spreading that rumor.

What you mean ?

How about I rephrase:
"Assuming you do NOT put any restrictions on JS that your brand of browser
lets you do....
The browser *will* blindly execute *any* JS that comes along with the
page..."

now that's a mouthful :)

That better ?
Sep 12 '05 #29

P: n/a
Boobie said the following on 9/11/2005 9:30 PM:
"Randy Webb"
Yeah so ?
Your desktop browser *will* blindly execute *any* JS that comes along
with
that page you request.


No it won't. Stop spreading that rumor.


What you mean ?


I mean precisely that. The browser will *not* blindly exucte any JS that
comes along. There are several examples that come to mind. ActiveX,
cross-domain security scripts, even scripts in a non-script or
script-disabled browser.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Sep 12 '05 #30

P: n/a
Richard,

Didnt get your message here, is it for me? Can you elaborate?

Thanks
Sanjay

Sep 12 '05 #31

P: n/a
Sanjay wrote:
Richard,
Didnt get your message here,
No, not in any sense.
is it for me?
What did the message's References header say?
Can you elaborate?


Not without a context.

Richard.
Sep 12 '05 #32

This discussion thread is closed

Replies have been disabled for this discussion.