A list of Request Objects (server variables)

Fernando Finelli

2.33/5 (19 votes)

Apr 25, 2002

5 min read

177281

A list of server environment variables

Introduction

This is a list of server environment variables

Usage

<% Request.ServerVariables("HTTP_SomeNewHeader") %>

Listing

Variable	Description
`ALL_HTTP`	All HTTP headers sent by the client.
`ALL_RAW`	Retrieves all headers in raw form. The difference between `ALL_RAW` and `ALL_HTTP` is that `ALL_HTTP` places an HTTP_ prefix before the header name and the header name is always capitalized. In `ALL_RAW` the header name and values appear as they are sent by the client.
`APPL_MD_PATH`	Retrieves the metabase path for the Application for the ISAPI DLL.
`APPL_PHYSICAL_PATH`	Retrieves the physical path corresponding to the metabase path. IIS converts the `APPL_MD_PATH` to the physical (directory) path to return this value.
`AUTH_PASSWORD`	The value entered in the client's authentication dialog. This variable is available only if Basic authentication is used.
`AUTH_TYPE`	The authentication method that the server uses to validate users when they attempt to access a protected script.
`AUTH_USER`	The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from `REMOTE_USER`. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use `LOGON_USER` to view the mapped user name.
`CERT_COOKIE`	Unique ID for client certificate, returned as a string. Can be used as a signature for the whole client certificate.
`CERT_FLAGS`	bit0 is set to 1 if the client certificate is present. bit1 is set to 1 if the cCertification authority of the client certificate is invalid (it is not in the list of recognized CAs on the server).
`CERT_ISSUER`	Issuer field of the client certificate (O=MS, OU=IAS, CN=user name, C=USA).
`CERT_KEYSIZE`	Number of bits in Secure Sockets Layer connection key size. For example, 128.
`CERT_SECRETKEYSIZE`	Number of bits in server certificate private key. For example, 1024.
`CERT_SERIALNUMBER`	Serial number field of the client certificate.
`CERT_SERVER_ISSUER`	Issuer field of the server certificate.
`CERT_SERVER_SUBJECT`	Subject field of the server certificate.
`CERT_SUBJECT`	Subject field of the client certificate.
`CONTENT_LENGTH`	The length of the content as given by the client.
`CONTENT_TYPE`	The data type of the content. Used with queries that have attached information, such as the HTTP queries GET, POST, and PUT.
`GATEWAY_INTERFACE`	The revision of the CGI specification used by the server. The format is CGI/revision.
`HTTP_<HeaderName>`	The value stored in the header `HeaderName`. Any header other than those listed in this table must be prefixed by HTTP_ in order for the `ServerVariables` collection to retrieve its value. Note The server interprets any underscore (_) characters in `HeaderName` as dashes in the actual header. For example if you specify `HTTP_MY_HEADER`, the server searches for a header sent as MY-HEADER.
`HTTP_ACCEPT`	Returns the value of the Accept header.
`HTTP_ACCEPT_LANGUAGE`	Returns a string describing the language to use for displaying content.
`HTTP_COOKIE`	Returns the cookie string that was included with the request.
`HTTP_HOST`	Returns the name of the Web server. This may or may not be the same as `SERVER_NAME` depending on type of name resolution you are using on your Web server (IP address, host header).
`HTTP_REFERER`	Returns a string that contains the URL of the page that referred the request to the current page using an HTML <A> tag. Note that the URL is the one that the user typed into the browser address bar, which may not include the name of a default document. If the page is redirected, `HTTP_REFERER` is empty. `HTTP_REFERER` is not a mandatory member of the HTTP specification.
`HTTP_USER_AGENT`	Returns a string describing the browser that sent the request.
`HTTPS`	Returns ON if the request came in through secure channel (SSL) or it returns OFF if the request is for a non-secure channel.
`HTTPS_KEYSIZE`	Number of bits in Secure Sockets Layer connection key size. For example, 128.
`HTTPS_SECRETKEYSIZE`	Number of bits in server certificate private key. For example, 1024.
`HTTPS_SERVER_ISSUER`	Issuer field of the server certificate.
`HTTPS_SERVER_SUBJECT`	Subject field of the server certificate.
`INSTANCE_ID`	The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the Web-server instance (in the metabase) to which the request belongs.
`INSTANCE_META_PATH`	The metabase path for the instance of IIS that responds to the request.
`LOCAL_ADDR`	Returns the Server Address on which the request came in. This is important on multi-homed computers where there can be multiple IP addresses bound to the computer and you want to find out which address the request used.
`LOGON_USER`	The Windows account that the user is impersonating while connected to your Web server. Use `REMOTE_USER` or `AUTH_US<CODE>E`R to view the raw user name that is contained in the request header. The only time `LOGON_USER` holds a different value than these other variables is if you have an authentication filter installed.
`PATH_INFO`	Extra path information as given by the client. You can access scripts by using their virtual path and the `PATH_INFO` server variable. If this information comes from a URL, it is decoded by the server before it is passed to the CGI script.
`PATH_TRANSLATED`	A translated version of `PATH_INFO` that takes the path and performs any necessary virtual-to-physical mapping.
`QUERY_STRING`	Query information stored in the string following the question mark (?) in the HTTP request.
`REMOTE_ADDR`	The IP address of the remote host making the request.
`REMOTE_HOST`	The name of the host making the request. If the server does not have this information, it will set `REMOTE_ADDR` and leave this empty.
`REMOTE_USER`	The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use `LOGON_USER` to view the mapped user name.
`REQUEST_METHOD`	The method used to make the request. For HTTP, this is GET, HEAD, POST, and so on.
`SCRIPT_NAME`	A virtual path to the script being executed. This is used for self-referencing URLs.
`SERVER_NAME`	The server's host name, DNS alias, or IP address as it would appear in self-referencing URLs.
`SERVER_PORT`	The port number to which the request was sent.
`SERVER_PORT_SECURE`	A string that contains either 0 or 1. If the request is being handled on the secure port, then this will be 1. Otherwise, it will be 0.
`SERVER_PROTOCOL`	The name and revision of the request information protocol. The format is protocol/revision.
`SERVER_SOFTWARE`	The name and version of the server software that answers the request and runs the gateway. The format is name/version.
`URL`	Gives the base portion of the URL.