Server-side operations are supported by some web servers. Because they are executed on the server they are not part of the http protocol and a server can, in principle, implement any server-side operations that its author(s) care to provide.
Server-side operations place an extra load on the server because it must read and parse the source file and perform the operations rather than simply copying the source file to the output. This is one reason why they might be disabled.
Server side includes, for example, could cause security
loop-holes if not implemented carefully:
User A on a system might `include' user B's
file in a page but B might not want that file to escape
to the whole world wide web.
For this reason there are often restrictions on what file
s
can be included, e.g. must be in a sub-directory of the page
doing the including;
the virtual
attribute is more versatile and
can refer to any(?) source that the server can also deliver by http.
The possibility of running operating system commands or computer programs is even more hazardous as the server runs as a particular "user" and such commands might damage the server's files. Such options are therefore severely restricted.
The syntax of (standard) server side operations is that they are given inside
HTML comments: <!-- ... -->
<!--#echo var="..."-->
can be used to print the value of certain variables
in the HTML page.
Effect | raw SHTML |
---|---|
The date is: Saturday, 20-Apr-2024 07:05:38 AEST. | The date is: <!--#echo var="DATE_LOCAL"-->. |
GMT: Friday, 19-Apr-2024 21:05:38 GMT | GMT: <!--#echo var="DATE_GMT"--> |
DOCUMENT_NAME: SHTML.shtml | DOCUMENT_NAME: <!--#echo var="DOCUMENT_NAME"--> |
SERVER_NAME = users.monash.edu.au | SERVER_NAME = <!--#echo var="SERVER_NAME"--> (A CGI Environment Variable) |
DOCUMENT_URI: /~lloyd/tilde/InterNet/HTML/SHTML.shtml | DOCUMENT_URI: <!--#echo var="DOCUMENT_URI"--> |
Together the last two give the URL: users.monash.edu.au/~lloyd/tilde/InterNet/HTML/SHTML.shtml | |
LAST_MODIFIED: Tuesday, 21-Feb-2017 14:02:36 AEDT | LAST_MODIFIED: <!--#echo var="LAST_MODIFIED"--> |
And now some CGI Environment Variables: | |
SERVER_SOFTWARE = Apache/2.4.6 (Red Hat Enterprise Linux) | SERVER_SOFTWARE = <!--#echo var="SERVER_SOFTWARE"--> |
GATEWAY_INTERFACE = CGI/1.1 | GATEWAY_INTERFACE = <!--#echo var="GATEWAY_INTERFACE"--> |
SERVER_PROTOCOL = HTTP/1.1 | SERVER_PROTOCOL = <!--#echo var="SERVER_PROTOCOL"--> |
SERVER_PORT = 443 | SERVER_PORT = <!--#echo var="SERVER_PORT"--> |
REQUEST_METHOD = GET | REQUEST_METHOD = <!--#echo var="REQUEST_METHOD"--> |
PATH_INFO = (none) | PATH_INFO = <!--#echo var="PATH_INFO"--> |
PATH_TRANSLATED = (none) | PATH_TRANSLATED = <!--#echo var="PATH_TRANSLATED"--> |
SCRIPT_NAME = /~lloyd/tilde/InterNet/HTML/SHTML.shtml | SCRIPT_NAME = <!--#echo var="SCRIPT_NAME"--> |
QUERY_STRING = | QUERY_STRING = <!--#echo var="QUERY_STRING"--> |
REMOTE_HOST = (none) | REMOTE_HOST = <!--#echo var="REMOTE_HOST"--> |
REMOTE_ADDR = 18.220.81.106 | REMOTE_ADDR = <!--#echo var="REMOTE_ADDR"--> |
AUTH_TYPE = (none) | AUTH_TYPE = <!--#echo var="AUTH_TYPE"--> |
REMOTE_USER = (none) | REMOTE_USER = <!--#echo var="REMOTE_USER"--> |
REMOTE_IDENT = (none) | REMOTE_IDENT = <!--#echo var="REMOTE_IDENT"--> |
CONTENT_TYPE = (none) | CONTENT_TYPE = <!--#echo var="CONTENT_TYPE"--> |
CONTENT_LENGTH = (none) | CONTENT_LENGTH = <!--#echo var="CONTENT_LENGTH"--> < /TD> |
HTTP_REFERER = (none) | HTTP_REFERER = <!--#echo var="HTTP_REFERER"--> |
The following text (see box) comes from another file
and is incorporated into this page by the use
of the `#include
' server-side (shtml) tag,
<!--#include file="...."-->
file SHTML.included: line_1, line_2, Line_3. |
this <!--#include virtual="...."-->
file SHTML.included: line_1, line_2, Line_3. |
and is more versatile.
The above included text comes from [this file (click)].
SHTML.included.shtml |
<!--#echo var="DOCUMENT_NAME"-->: SHTML.shtml |
<!--#echo var="DOCUMENT_URI"-->: /~lloyd/tilde/InterNet/HTML/SHTML.shtml |
The source of this page is [here], actually a symbolic-link to the shtml source of this page.
Also see [JavaScript/Navigator/].