A friend recently ask how to get the public ip address from frontend javascript to send it in the body of a REST API. I don't work with him and he doesn't know why the API needs the ip address in the body so I couldn't get the direct answer.
The question is, send an ip address obtained at the frontend to be used by an API is not an insecure practice? I mean, this could be manipulated from the client side in several ways. But on the other hand that could be to detect any vpn or something else maybe.
I was looking and I found that this seems to be a common practice, since there are lots of services gives you your ip
