Share via

#echo

  • Article

The #echo Server-Side Include (SSI) directive instructs the Web server to display the value of a server variable. You must surround a directive with HTML comment delimiters.

By default, this directive can be used only in STM pages; it cannot be used in ASP pages. For ASP pages, you can access some of the variables listed below by using the Request.ServerVariables Collection collection. For DATE_GMT and DATE_LOCAL, you can use VBScript and JScript functions in ASP pages.

Syntax

<!-- #echo var = VariableName -->

Parameters

  • VariableName
    Specifies the name of the variable whose value you want to insert. The variable can be one of the following:

    Variable

    Description

    ALL_HTTP

    All HTTP headers sent by the client.

    ALL_RAW

    Retrieves all headers in raw form. The difference between ALL_RAW and ALL_HTTP is that ALL_HTTP places an HTTP_ prefix before the header name and the header name is always capitalized. In ALL_RAW the header name and values appear as they are sent by the client.

    APPL_MD_PATH

    Retrieves the metabase path for the Application for the ISAPI DLL.

    APPL_PHYSICAL_PATH

    Retrieves the physical path corresponding to the metabase path. IIS converts the APPL_MD_PATH to the physical (directory) path to return this value.

    AUTH_PASSWORD

    The value entered in the client's authentication dialog. This variable is available only if Basic authentication is used.

    AUTH_TYPE

    The authentication method that the server uses to validate users when they attempt to access a protected script.

    AUTH_USER

    The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name.

    CERT_COOKIE

    Unique ID for the client certificate, returned as a string. This can be used as a signature for the whole client certificate.

    CERT_FLAGS

    bit0 is set to 1 if the client certificate is present.

    bit1 is set to 1 if the certification authority of the client certificate is invalid (that is, it is not in the list of recognized certification authorities on the server).

    CERT_ISSUER

    Issuer field of the client certificate (O=MS, OU=IAS, CN=user name, C=USA).

    CERT_KEYSIZE

    Number of bits in the Secure Sockets Layer (SSL) connection key size. For example, 128.

    CERT_SECRETKEYSIZE

    Number of bits in server certificate private key. For example, 1024.

    CERT_SERIALNUMBER

    Serial number field of the client certificate.

    CERT_SERVER_ISSUER

    Issuer field of the server certificate.

    CERT_SERVER_SUBJECT

    Subject field of the server certificate.

    CERT_SUBJECT

    Subject field of the client certificate.

    CONTENT_LENGTH

    The length of the content as given by the client.

    CONTENT_TYPE

    The data type of the content. Used with queries that have attached information, such as the HTTP queries GET, POST, and PUT.

    GATEWAY_INTERFACE

    The revision of the CGI specification used by the server. The format is CGI/revision.

    HTTP_<HeaderName>

    The value stored in the header HeaderName. Any header other than those listed in this table must be preceded by "HTTP_" in order for the ServerVariables collection to retrieve its value.

    ms525581.alert_note(en-us,VS.90).gifNote:
    The server interprets any underscore (_) characters in HeaderName as dashes in the actual header. For example, if you specify HTTP_MY_HEADER, the server searches for a header sent as MY-HEADER.

    HTTP_ACCEPT

    Returns the value of the Accept header.

    HTTP_ACCEPT_LANGUAGE

    Returns a string describing the language to use for displaying content.

    HTTP_COOKIE

    Returns the cookie string that was included with the request.

    HTTP_HOST

    Returns the name of the Web server. This may or may not be the same as SERVER_NAME, depending on type of name resolution you are using on your Web server (IP address or host header).

    HTTP_REFERER

    Returns a string that contains the URL of the page that referred the request to the current page by using an HTML <A> tag. Note that the URL is the one that the user typed into the browser address bar, which may not include the name of a default document.

    If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER is not a mandatory member of the HTTP specification.

    HTTP_USER_AGENT

    Returns a string describing the browser that sent the request.

    HTTPS

    Returns ON if the request came in through a secure channel (for example, SSL); or it returns OFF, if the request is for an insecure channel.

    HTTPS_KEYSIZE

    Number of bits in the SSL connection key size. For example, 128.

    HTTPS_SECRETKEYSIZE

    Number of bits in the server certificate private key. For example, 1024.

    HTTPS_SERVER_ISSUER

    Issuer field of the server certificate.

    HTTPS_SERVER_SUBJECT

    Subject field of the server certificate.

    INSTANCE_ID

    The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the Web server instance (in the metabase) to which the request belongs.

    INSTANCE_META_PATH

    The metabase path for the instance of IIS that responds to the request.

    LOCAL_ADDR

    Returns the server address on which the request came in. This is important on computers where there can be multiple IP addresses bound to the computer, and you want to find out which address the request used.

    LOGON_USER

    The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.

    PATH_INFO

    Extra path information, as given by the client. You can access scripts by using their virtual path and the PATH_INFO server variable. If this information comes from a URL, it is decoded by the server before it is passed to the CGI script.

    PATH_TRANSLATED

    A translated version of PATH_INFO that takes the path and performs any necessary virtual-to-physical mapping.

    QUERY_STRING

    Query information stored in the string following the question mark (?) in the HTTP request.

    REMOTE_ADDR

    The IP address of the remote host that is making the request.

    REMOTE_HOST

    The name of the host that is making the request. If the server does not have this information, it will set REMOTE_ADDR and leave this empty.

    REMOTE_PORT

    The client port number of the TCP connection.

    REMOTE_USER

    The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name.

    REQUEST_METHOD

    The method used to make the request. For HTTP, this can be GET, HEAD, POST, and so on.

    SCRIPT_NAME

    A virtual path to the script being executed. This is used for self-referencing URLs.

    SERVER_NAME

    The server's host name, DNS alias, or IP address as it would appear in self-referencing URLs.

    SERVER_PORT

    The server port number to which the request was sent.

    SERVER_PORT_SECURE

    A string that contains either 0 or 1. If the request is being handled on the secure port, then this is 1. Otherwise, it is 0.

    SERVER_PROTOCOL

    The name and revision of the request information protocol. The format is protocol/revision.

    SERVER_SOFTWARE

    The name and version of the server software that answers the request and runs the gateway. The format is name/version.

    UNMAPPED_REMOTE_USER

    The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name.

    URL

    Gives the base portion of the URL.

Remarks

The file containing this directive must use a file name extension that is mapped to the SSI interpreter; otherwise, the Web server will not process the directive. By default, the file name extensions .stm, .shtm, and .shtml are mapped to the SSI interpreter (ssinc.dll).

An STM page using this directive must be run by itself or by calling it from an ASP page by using Response.Redirect. Calling an STM page from an ASP page with Server.Transfer, Server.Execute, or #include will not work because that would force the STM page to go through Asp.dll instead of through Ssinc.dll.

If you have the IIS Manager installed, you can modify default extension mappings and add new mappings; . Because you cannot map a file name extension to more than one executable, you cannot use thisdirective in ASP files. ASP files are already mapped to Asp.dll and must stay that way.

The following example uses the #echo directive to insert a URL into the ACTION value of a FORM statement.

--- Echo.asp ---

<FORM NAME="RunEcho" METHOD="POST" ACTION="Echo.asp"> 
<INPUT TYPE="SUBMIT" VALUE="Run the #echo Directive" NAME="RunEcho"> 
</FORM> 
<% 
If Len(Request.Form("RunEcho")) Then 
  Response.Redirect("Echo.stm?Echo.asp") 
End If 
%>

--- Echo.stm ---

<H3>Inside Echo.stm</H3> 
AUTH_TYPE is <!-- #echo var="AUTH_TYPE"--><BR> 
<FORM NAME="Return" METHOD="POST" ACTION="<!-- #echo var="QUERY_STRING"-->"> 
<INPUT TYPE="SUBMIT" VALUE="Return to Previous Page" NAME="Return"> 
</FORM>

Requirements

Client: Requires Windows XP Professional, Windows 2000 Professional, or Windows NT Workstation 4.0.

Server: Requires Windows Server 2003, Windows 2000 Server, or Windows NT Server 4.0.

Product: IIS