Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
WikiMedia's Geo IP Lookup JSONP call (wikimedia.org)
61 points by jamesjyu on July 10, 2011 | hide | past | favorite | 26 comments


Hey folks, just FYI, I work there and this is not intended to be a public API for anyone to use. As others have pointed out, it's trivial to set up such a service yourself anyway.

I know the security-minded among you are going to start complaining that it would be easy to add a nonce, but we'd rather avoid that. Our strategy is to serve virtually everything from cache.


Doing the IP lookup yourself isn't very hard. The nginx HttpGeoIPModule[1] will do a lookup on the MaxMind databases for you. I used it in my weekend hack, http://spotwoo.com. Doesn't take very long to set up, very easy to use.

[1] http://wiki.nginx.org/HttpGeoIPModule


Interestingly, the latest version of Google AppEngine automatically geolocates every request (to the country level anyway)

All user request have an X-AppEngine-Country header which contains the ISO-3166-1 alpha-2 country code for the user, based on the IP address of the client request.

(from Version 1.5.1 http://code.google.com/p/googleappengine/wiki/SdkReleaseNote...)


The payload is not JSONP and strikes me as a bit impractical:

    Geo = { /* object literal */ }
I assume this service is meant to be consumed via <script> tag injection. Without a JSONP-style callback parameter, what are consumers to do, inject-then-poll until a "Geo" object is found in the global scope?


    <script src="http://geoiplookup.wikimedia.org/"></script>
    <script>geoloaded()</script>
    </body></html>


D'oh!


The approach of dynamically generating a callback script is more robust than pure JSONP. If your URL returns an error (e.g., 404), you immediately notice, instead of waiting for the time-out. These days, my usual approach looks something like this in flight:

    <script type="text/javascript">
        var response = undefined;
    </script>
    <script type="text/javascript" src="...">
       // response = { .... };
    </script>
    <script type="text/javascript">
       _callbacks[1234](response); // response == undefined means error
       response = undefined;       // allow garbage collection
    </script>
It's a bit more administration, but I really like not having to worry about dynamic callback names, delayed errors, or non-existent callback functions any more.


That's trivial to set up yourself with Maxmind's GeoLite Database.

http://www.maxmind.com/app/geolitecity


It is not JSONP. You have to analyze JavaScript variable: http://servletsuite.com/geoip.htm


GeoPlugin.net has a city-level, free version of this that's actually intended for public use:

http://www.geoplugin.net/json.gp

Other formats here: http://www.geoplugin.com/webservices

Have been using it in production now for several months, works great.


I actually implemented a lucene search index in case you might want to do it in lucene...

https://github.com/krickert/IPAddressZipCodeStateCountryLuce...

It downloads one of the many free DBs of IP addys and makes it into an index. You can do geo spatial searching APIs with IP addys.. Fun stuff.


If anyone wants something similar I built a version of this a few weeks ago: https://github.com/contrast/geoip_sinatra

It's a sinatra app which uses the MaxMind data, typically responds in < 1ms, and it has caching built in (if you deploy it to heroku).


Not very accurate for me. Wrong by about 400km. (that's basically from one end of my country to the other end)


Same for me as well. I'm being detected all the way in another prefecture.

I find it strange that depending on the device, that I will be detected in different areas (even within the same service).

For example: Google Maps says I'm at a park about a 10 minute drive from my current location. But if I view the mobile version of it on my iPod, it can find me to the room of the building I am in.

Anything that's not google or apple puts me in Hamanako, which is a 2 hour drive on the expressway.


It's off by ~10 miles, but since there are several million people between me and where it thinks I am, that's not particularly disturbing.


For me, it was wrong by about 50 miles.


Cool. But what are the terms of use around this one?


been there, done that: http://ip.beached.org ;)


But that's not JSONP.


Oh, that is correct. Sorry, I need to read the headline more carefully. Missed the 'P'.


Which method are they using?


Unless it's changed recently (I haven't followed the discussion since last year) it's using the free version of the MaxMind IP->city database (http://www.maxmind.com/app/geolitecity).

I can't seem to find the relevant mailing list threads, but here's some evidence of ad-hoc accuracy testing last August: http://meta.wikimedia.org/wiki/MaxMindCityTesting


GeoIP (IP-to-location database). http://status.wikimedia.org/8777/156490/GeoIP-lookup


Well, it can’t be the JavaScript location API, because there’s no JavaScript on that page, and anyway my browser would ask me if the page wanted to use my location. The only other method I know of that relies on information the site could get just by my visiting the page is looking the IP address up in a database of IP addresses and locations.


I work there. It's MaxMind.


Gonna guess Geo IP lookup.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: