如果用户自己指定了 x-forwarded-for 则 c.ClientIP() 获取的是被伪造的ip
Comment From: mushsoooup
0.0.0.0 is a trusted proxy, thus the header you set is trusted.
Comment From: DokiDoki1103
不对,我想要获取用户的真实IP,但是client IP 会被用户伪造
Comment From: mushsoooup
It behaves as expected. If you are looking for a way to ignore header passed by trusted proxy, use RemoteIP() instead.
Comment From: DokiDoki1103
ok thanks