ASP Request Object : ServerVariables Collection
The ServerVariables collection allows your code to retrieve various environment variables. These variables are determined by the server before your code executes. There are 53 preset server variables which you can access (you can also define and use your own - see Response.AddHeader).
There is one mandatory argument:
- Variable Name - The name of the server variable (see the complete table of variable names at the bottom of this w/u).
This results in the output (assuming this ASP
code ran on E2
Tips & Hints
Of the 53 available Server variables, I've found I only use a few regularly. I'll outline these in detail below, summaries of the rest are available in the "table" at the bottom of this w/u.
This variable contains the complete URL of the website/page which referred the user to the current page. This may be an external URL or an internal URL. The variable only contains a referer (sic) when the user has either: clicked on a link, submitted a form, or executed an ASP page which redirected them to the current page.
In conjunction with a database or log file, you can use the HTTP_REFERER variable to track where your users are coming from, and what route(s) through your site they are taking. The latter is especially important, since it can be used to determined the most popular areas of the site, as well as pointing out UI deficiencies that are leading to certain areas being overlooked or ignored.
This variable contains a string describing the browser which sent the request. Useful for keeping track of what browsers are being used to view your site, or if you are evil, to block certain browsers from accessing your site.
Examples of user agent strings2:
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)
Note: This is only a small sampling of possible browser strings, and your code should never rely on an exact replication of any of these strings. MSIE can be redistributed by licensed 3rd parties, who can customize the header.
- MSIE 5.5 on MS NT 4.0
Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
- MSIE 5.5 on MS Windows 2000
Mozilla/4.75 en(X11;U;Linux2.2.16-22 i586)
- NS 4.75 on Red Hat Linux 7.0 under X windows
Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) Gecko/20011128 Netscape6/6.2.1
- NS 6.2.1 on Windows 2000
Mozilla/5.0 (compatible; Konqueror/2.1.1; X11)
- Konqueror 2.1.1 (KDE) on Linux Mandrake 8.0 under X windows
Mozilla/4.0 (compatible; MSIE 5.0; Windows 2000) Opera 6.0 en
- Opera 6.0 on Windows 2000
This variable contains the query string information contained in the HTTP request. This string is everything to the right of the question mark (?) in the URL. For example, obtaining this variable for E2 would result in a string similar to this one:
This is great for redirecting
to a new page while still preserving the query string information.
This is the IP address of the remote host sending the HTTP request. Useful for restricting access to sites via their IP. For example, my company restricts access to the internal development website to IP's originating from our LAN.
The IP address can also be used to track visitors to the site, as well as be mapped to localities to determine where your visitors are coming from.
For ... Next Looping of the ServerVariables
You can use the For Each Item ... Next control construct to loop through the entire ServerVariable collection in 3 lines of code. This is a useful script to keep around to quickly and easily check all of the server variables.
For Each Item In Request.ServerVariables
Response.Write Item & ": " & Request.ServerVariables(Item) & "<br>" & vbCrLf
containts the name of the ServerVariable, and
returns the value of the ServerVariable.
ALL_HTTP | All HTTP headers sent by the client.
ALL_RAW | Retrieves all the HTTP headers in raw from. The diff-
| erence between ALL_RAW and ALL_HTTP is that headers
| are not prefixed with "HTTP_" and are not automatically
APPL_MD_PATH | Retrieves the metabase path for the Application for
| the ISAPI DLL.
APPL_PHYSICAL_PATH | Retrieves the physical path corresponding to the meta-
| base path.
AUTH_PASSWORD | The value entered in the client's authentication dia-
| log. This variable is available only if Basic authen-
| tication is used.
AUTH_TYPE | The authentication method the server uses to validate
| users when they try to access a protected script.
AUTH_USER | The name of the user as derived from the authorization
| header sent by the client. This variable is the same as
CERT_COOKIE | A unique ID for the client certificate.
CERT_FLAGS | bit0 is set to 1 if the client certificate is present.
| bit1 is set to 1 if the client certificate's certifi-
| cation authority (CA) is invalid (not in the server's
| CA list).
CERT_ISSUER | Issuer field of the client certificate.
CERT_KEYSIZE | The number of bits in Secure Sockets Layer connection
| key size.
CERT_SECRETKEYSIZE | The number of bits in the server certificate private
| key size.
CERT_SERIALNUMBER | The serial number field of the client certificate.
CERT_SERVER_ISSUER | Issuer field of the server certificate.
CERT_SERVER_SUBJECT | Subject field of the server certificate.
CERT_SUBJECT | Subject field of the client certificate.
CONTENT_LENGTH | The length of the content header as sent by the client.
CONTENT_TYPE | The date type of the content. Used with queries that
| have attached content (GET,POST).
GATEWAY_INTERFACE | The revision of the CGI specification used by the
HTTP_ACCEPT | Returns the value of the Accept header.
HTTP_ACCEPT_LANGUAGE | Returns a string that specifies the language to be used
| for displaying content.
HTTP_CONNECTION | Returns a string containing information about the conn-
HTTP_COOKIE | Returns the cookie string that was included with the
HTTP_HOST | Returns the name of the web server.
HTTP_REFERER | Returns a string containing the URL of the page that
| referred the request to the current page (using a HTML
| <A> tag or ASP's Response.Redirect.
HTTP_USER_AGENT | Returns a string describing the browser that sent the
HTTP_UA_PIXELS1 | Returns a string detailing the resolution of the client's
| screen ("800x600").
HTTP_UA_COLOR1 | Returns a string with color information.
HTTP_UA_OS1 | Returns a string stating the operating system of the
HTTP_UA_CPU1 | Returns a string stating the processor type used by the
HTTPS | Returns ON if the request came through SSL, and OFF if
| it did not.
HTTPS_KEYSIZE | Number of bits in the SSL connection key size.
HTTPS_SECRETKEYSIZE | Number of bits in the server certificate private key.
HTTPS_SERVER_ISSUER | Issuer field of the server certificate.
HTTPS_SERVER_SUBJECT | Subject field of the server certificate.
INSTANCE_ID | The ID for the IIS instance in text form.
INSTANCE_META_PATH | The metabase path for the instance of IIS that
| responds to the request.
LOCAL_ADDR | Returns the server IP address on which the request came
| came in.
LOGON_USER | The Windows account that the user is logged into.
PATH_INFO | Extra path info as given by the client.
PATH_TRANSLATED | A translated version of PATH_INFO that performs any
| necessary virtual-to-physical mapping.
QUERY_STRING | Query information following the question mark in the
| HTTP request.
REMOTE_ADDR | The IP address of the remote host making the request.
REMOTE_HOST | The name of the host making the request. This will be
| empty if the server does not have this information.
REMOTE_USER | An unmapped user name string sent in the authorization
| header by the client.
REQUEST_METHOD | The method used to make the request (GET, POST, etc.).
SCRIPT_NAME | A virtual path to the script (ASP page) being executed.
SERVER_NAME | The server's host name, DNS alias, or IP address.
SERVER_PORT | The port number to which the request was sent.
SERVER_PORT_SECURE | A string that contains a 1 if the request is being
| handled on a secure port. If not, it contains a 0.
SERVER_PROTOCOL | The name and revision of the request information
SERVER_SOFTWARE | The name and version of the server software that answers
| the request and runs the gateway.
URL | Gives the base portion of the URL.
Back to the ASP Request Object
Back to ASP Objects
1 These four variables are only available from clients using older versions of IE.
2 Example strings from http://www.zytrax.com/tech/web/browser_ids.htm (4/30/2002).
All code is my own (and enjoys a good, stiff Black Russian every once in a while)