<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<title></title>
</head>
<body text="#000000" bgcolor="#ffffff">
Am 04.05.2011 20:56, schrieb katmagic:
<blockquote cite="mid:1304535379.2253.11.camel@ubuntu" type="cite">
<pre wrap="">On Wed, 2011-05-04 at 02:39 -0600, Jim wrote:
</pre>
<blockquote type="cite">
<pre wrap="">kuhkatz wrote:
</pre>
<blockquote type="cite">
<pre wrap="">you could just put the survey on a .onion-site to ensure only tor-users
can vote.
maybe you would still consider blocking the tor2web-proxies.
</pre>
</blockquote>
<pre wrap="">
In terms of of the Tor network, aren't tor2web proxies simply ordinary
clients? How would you know the request cam via tor2web? Am I am
missing something?
Jim
_______________________________________________
tor-talk mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tor-talk@lists.torproject.org">tor-talk@lists.torproject.org</a>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk</a>
</pre>
</blockquote>
<pre wrap="">
Tor2Web sends the X-Forwarded-For header which will contain the IP of
the client that requested your site. Actual Tor users won't (shouldn't)
send this header at all.
</pre>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
tor-talk mailing list
<a class="moz-txt-link-abbreviated" href="mailto:tor-talk@lists.torproject.org">tor-talk@lists.torproject.org</a>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk</a>
</pre>
</blockquote>
i just set up a .onion to test.<br>
i get the X-FORWARDED-FOR-headers, yes.<br>
the reported ip belongs to the university of stanford, which is
definetly neither the location of me, not my onionsite.<br>
<br>
maybe this is the ip of the tor2web-site which was given me from their
roundrobin?<br>
if thats true, it would allow blocking tor2web servers, but since its
not the ip of the user visiting the site that would not be necessary in
the first place.<br>
</body>
</html>