Refer to express code to get attacker IP, req.socket.remoteAddress === '127.0.0.1'
The code cannot work as the actual value of req.socket.remoteAddress I get is :ffff:127.0.0.1.
I can process it to remove :ffff:. Anyone encounter this issue?
Just for local test, use the result when you request "req.socket.remoteAddress", use this value as a string and that's it.
in your case you are getting the ipv6 and the ipv4 "ffff:127.0.0.1" , in real world you could receive an array of ips in other ways. but this is just an exercise to evaluate.
Yes. I process "ffff:127.0.0.1" to remove ":ffff:".
So you mean I get ":ffff:" because of localhost?
In real production env, I will get a array of ip without ":ffff:" ?
yeah exactly - if your system is setup slightly different you may get an ipv4 inside an ipv6 address. It doesn't matter, the principle is the same.