On This Page
Common Environment Variables Available to XSSIs
- Environment Variables available to XSSI commands
- The page below lists many of the environment variables that are usually generated by an http request. These variables vary greatly between platforms, servers and server versions. If you know of more, please let me know so I can add them. All of the following variables can be referenced in XSSI commands.
- This chart is in order by Function. Another one is available in an Alphabetical listing.
Information about the Browser (client)
- The MIME types which the client will accept, as given by HTTP headers ("Accept:"). Other protocols may need to get this information from elsewhere. Each item in this list should be separated by commas as per the HTTP spec.
Format: type/subtype, type/subtype
Example: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */*
- Contains the contents of any "Accept-Charset:" headers supplied by the client.
- Contains the contents of any "Accept-Language:" headers supplied by the client.
- Usually set to 'Keep-Alive' by browsers that support sending more than one file in a single client/server connection.
- Contains the contents of any "Cookie:" header supplied by the client.
- The e-mail address of the user making the request. Most browsers do not support this variable. This variable is often user-definable on the browser side and my not reflect reality.
- Contains the contents of the "Host:" header supplied by the client. This should contain the one of the aliases for the host on which the server is running. It should be the hostname from the URL that the client is requesting. Thus a client seeking http://www.serverhost.com:8000/foo.html should supply "www.serverhost.com" in this header. Many browsers do not do this. It is required in HTTP/1.1.
- The URL of the document that the client displayed which linked to the address of the current request. Contains the contents of the "Referer:" header from the client.
- Contains the contents of the "User-Agent:" header supplied by the client. This is supposed to contain the name of the browser which the client is using to make this request.
Example: Mozilla/3.0 (Macintosh; I; PPC)
- The extra path information, as given by the client. In other words, scripts can be accessed by their virtual pathname, followed by extra information at the end of this path. The extra information is sent as PATH_INFO. This information should be decoded by the server if it comes from a URL before it is passed to the CGI script.
- The IP address of the remote host (client or proxy) making the request.
- The hostname making the request. If the server does not have this information, it should be set equivilent to REMOTE_ADDR.
- If the HTTP server supports RFC 931 identification, then this variable will be set to the remote user name retrieved from the server. Usage of this variable should be limited to logging only.
- This variable will be set to the port number that created the request on the client.
- If the server supports user authentication, and the script is protected, this is the username they have authenticated as.
Information about the Time and Date
- The current date in Greenwich Mean Time.
- The current date in the local time zone.
Information about the Server (Host)
- If the server supports user authentication, and the script is protected, this is the protocol-specific authentication method used to validate the user.
Example: "Basic" or "Digest"
- The directory from which Web documents are served.
- The revision of the CGI specification to which this server complies.
- The e-mail address of server's administrator.
- The server's hostname, DNS alias, or IP address as it would appear in self-referencing URLs.
- The port number to which the request was sent. Most often '80'
- The name and revision of the information protcol this request came in with.
- The name and version of the information server software answering the request (and running the gateway).
Example: Apache/1.3.3 (Unix) (Red Hat/Linux)
Information about the Document (Requested URL or File)
- The length of the content as given by the client for a POST. The length is an ASCII string representing the number of bytes.
- For queries which have attached information, such as HTTP POST and PUT, this is the content type of the data.
- The filename (excluding directories) of the document requested by the user.
- The (%-decoded) URL path of the document requested by the user. Note that in the case of nested include files, this is not the URL for the current document!
- The last modification date of the document requested by the user.
- Example: /bin:/usr/bin:/usr/etc:/usr/ucb
- The server provides a translated version of PATH_INFO, which takes the path and does any virtual-to-physical mapping to it.
- The information which follows the ? in the URL which referenced this script. This is the query information. It should not be decoded in any fashion. This variable should always be set when there is query information, regardless of command line decoding.
- The method with which the request was made. For HTTP, this is "GET", "HEAD", "POST", etc.
- The virtual path of the document requested. This is the directory and filename request that comes after the domain name in a URL.
- A physical path to the script being executed.
- A virtual path to the script being executed, often used for self-referencing URLs.