The following table describes the server variables that may be inspected with the Value tag. Note that the descriptions are taken from Microsoft's IIS SDK documentation and not all server variables are displayed in the TRACE output if empty.
| Variable | Platform | Description |
|---|---|---|
| ALL_HTTP | IIS | All HTTP headers sent by the client. |
| ALL_RAW | IIS | Retrieves all headers in raw form. The difference between ALL_RAW and ALL_HTTP is that ALL_HTTP places an HTTP_ prefix before the header name and the header name is always capitalized. In ALL_RAW the header name and values appear as they are sent by the client. |
| APP_POOL_ID | IIS | Returns the name of the application pool that is running in the IIS worker process that is handling the request. |
| APPL_MD_PATH | IIS | Retrieves the metabase path for the Application for the BIS server |
| APPL_PHYSICAL_PATH | IIS | Retrieves the physical path corresponding to the metabase path. IIS converts the APPL_MD_PATH to the physical (directory) path to return this value. |
| AUTH_PASSWORD | IIS | The value entered in the client's authentication dialog box. This variable is available only if Basic authentication is used. |
| AUTH_TYPE | IIS | The authentication method that the server uses to validate users when they attempt to access a protected script. |
| AUTH_USER | IIS | The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name. |
| CERT_COOKIE | IIS | Unique ID for the client certificate, returned as a string. This can be used as a signature for the whole client certificate. |
| CERT_FLAGS | IIS | Bit
0 set to
1 if the client certificate is present.
Bit 1 is set to 1 if the certification authority of the client certificate is invalid (that is, it is not in the list of recognized certification authorities on the server). |
| CERT_ISSUER | IIS | Issuer field of the client certificate (O=MS, OU=IAS, CN=user name, C=USA). |
| CERT_KEYSIZE | IIS | Number of bits in the Secure Sockets Layer (SSL) connection key size. For example, 128. |
| CERT_SECRETKEYSIZE | IIS | Number of bits in server certificate private key. For example, 1024. |
| CERT_SERIALNUMBER | IIS | Serial number field of the client certificate. |
| CERT_SERVER_ISSUER | IIS | Issuer field of the server certificate. |
| CERT_SERVER_SUBJECT | IIS | Subject field of the server certificate. |
| CERT_SUBJECT | IIS | Subject field of the client certificate. |
| CONTENT_LENGTH | All | The length of the content as given by the client. |
| CONTENT_TYPE | All | The data type of the content. Used with queries that have attached information, such as the HTTP queries GET, POST, and PUT. |
| DOCUMENT_ROOT | Apache | Contains the local directory from which the server is serving pages. |
| GATEWAY_INTERFACE | All | The revision of the CGI specification used by the server. The format is CGI/revision. Example: CGI/1.1. |
| HTTP_HeaderName | All | The value stored in the HTTP header
HeaderName
. Any header other than those listed below must be preceded by
HTTP in order for the
Value(variable, Server) collection to retrieve its value. This is useful for retrieving custom headers. The server interprets any underscore (_)
characters in
HeaderName
as dashes in the actual header. For example, if you specify
HTTP_MY_HEADER, the server searches for a request header named
MY-HEADER
. |
| HTTP_ACCEPT | All | Returns the value of the Accept header. For example, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel. |
| HTTP_ACCEPT_CHARSET | IIS | The raw contents of the Accept-Charset header: contains a list of character sets that are acceptable in the response. For example, iso-8859-5, unicode-1-1;q=0.8 |
| HTTP_ACCEPT_ENCODING | All | The raw contents of the Accept-Encoding header: contains a list of accepted encoding types, for example, gzip, deflate. |
| HTTP_ACCEPT_LANGUAGE | All | The raw contents of the Accept-Language header |
| HTTP_AUTHORIZATION | IIS | The raw contents of the Authorization header. |
| HTTP_CACHE_CONTROL | All | The raw contents of the Cache-Control header. |
| HTTP_CONNECTION | All | The raw contents of the Connection header. |
| HTTP_CONTENT_LENGTH | IIS | The raw contents of the Content-Length header. |
| HTTP_CONTENT_TYPE | IIS | The raw contents of the Content-Type header. |
| HTTP_COOKIE | All | Returns the cookie string that was included with the request. |
| HTTP_DATE | IIS | The raw contents of the Date header. |
| HTTP_EXPECT | IIS | The raw contents of the Expect header. |
| HTTP_FROM | IIS | The raw contents of the From header. |
| HTTP_HOST | All | Returns the name of the web server. This may or may not be the same as SERVER_NAME, depending on type of name resolution you are using on your web server (IP address or host header). |
| HTTP_IF_MODIFIED_SINCE | IIS | The raw contents of the If-Modified-Since header. |
| HTTP_IF_NONE_MATCH | IIS | The raw contents of the If-None-Match header. |
| HTTP_IF_RANGE | IIS | The raw contents of the If-Range header. |
| HTTP_IF_UNMODIFIED_SINCE | IIS | The raw contents of the If-Unmodified-Since header. |
| HTTP_MAX_FORWARDS | IIS | The raw contents of the Max-Forwards header. |
| HTTP_PRAGMA | IIS | The raw contents of the Pragma header. |
| HTTP_PROXY_AUTHORIZATION | IIS | The raw contents of the Proxy-Authorization header. |
| HTTP_RANGE | IIS | The raw contents of the Range header. |
| HTTP_REFERER | All | Returns a string that contains the URL of the page that referred the request to the current page by using an HTML
<A> tag. Note that the URL is the one that the user typed into the browser address bar, which may not include the name of a default
document.
If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER is not a mandatory member of the HTTP specification and some clients allow the end user to disable this information. Note that, in this case, REFERER is spelled with a single R. |
| HTTP_TE | All | The raw contents of the TE header. |
| HTTP_TRAILER | All | The raw contents of the Trailer header. |
| HTTP_TRANSFER_ENCODING | All | The raw contents of the Transfer-Encoding header. |
| HTTP_UPGRADE | All | The raw contents of the Upgrade header. |
| HTTP_URL | All | Returns the raw, encoded URL. Example: /xbis/default.srf?query. Note that the scheme and host name are not part of this URL. On Apache, this does not include the query portion. |
| HTTP_USER_AGENT | All | Returns a string describing the browser that sent the request. |
| HTTP_VERSION | IIS | The raw contents of the Version header. |
| HTTP_VIA | IIS | The raw contents of the Via header. |
| HTTP_WARNING | IIS | The raw contents of the Warning header. |
| HTTPS | All | Returns ON if the request came in through a secure channel (for example, SSL); or it returns OFF, if the request is for an insecure channel. |
| HTTPS_KEYSIZE | IIS | Number of bits in the SSL connection key size. For example, 128. |
| HTTPS_SECRETKEYSIZE | IIS | Number of bits in the server certificate private key. For example, 1024. |
| HTTPS_SERVER_ISSUER | IIS | Issuer field of the server certificate. |
| HTTPS_SERVER_SUBJECT | IIS | Subject field of the server certificate. |
| INSTANCE_ID | IIS | The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the web server instance (in the metabase) to which the request belongs. |
| INSTANCE_META_PATH | IIS | The metabase path for the instance of IIS that responds to the request. |
| LOCAL_ADDR | IIS | Returns the server address on which the request came in. This is important on computers where there can be multiple IP addresses bound to the computer, and you want to find out which address the request used. |
| LOGON_USER | IIS | The Windows account that the user is impersonating while connected to your web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed. |
| PATH | Apache | Contains the Apache Server's PATH environment variable. |
| PATH_INFO | IIS | Extra path information, as given by the client. You can access scripts by using their virtual path and the PATH_INFO server variable. If this information comes from a URL, it is decoded by the server before it is passed to the CGI script. |
| PATH_TRANSLATED | IIS | A translated version of PATH_INFO that takes the path and performs any necessary virtual-to-physical mapping. |
| QUERY_STRING | All | Query information stored in the string following the question mark (?) in the HTTP request. |
| REMOTE_ADDR | All | The IP address of the remote host that is making the request. |
| REMOTE_HOST | IIS | The name of the host that is making the request. If the server does not have this information, it will set REMOTE_ADDR and leave this empty. |
| REMOTE_PORT | All | The client port number of the TCP connection. |
| REMOTE_USER | IIS | The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. If you have an authentication filter installed on your web server that maps incoming users to accounts, use LOGON_USER to retrieve the mapped user name. |
| REQUEST_METHOD | All | The method used to make the request. For HTTP, this can be GET, HEAD, POST, and so on. |
| REQUEST_URI | Apache | The complete URI of the request. |
| SCRIPT_FILENAME | Apache | The complete file name of the script being executed. |
| SCRIPT_NAME | All | A virtual path to the script being executed. This is used for self-referencing URLs. |
| SERVER_ADDR | Apache | The IP address to which the request was sent. |
| SERVER_ADMIN | Apache | Contains the email address of the server's system administrator. (This is contents of the ServerAdmin configuration record.) |
| SERVER_NAME | All | The server's host name, DNS alias, or IP address as it would appear in self-referencing URLs. |
| SERVER_PORT | All | The server port number to which the request was sent. |
| SERVER_PORT_SECURE | IIS | A string that contains either 0 or 1. If the request is being handled on the secure port, then this is 1. Otherwise, it is 0. |
| SERVER_PROTOCOL | All | The name and revision of the request information protocol. The format is protocol/revision . Example: HTTP/1.1. |
| SERVER_SIGNATURE | Apache | The name and version of the Apache web server, plus the network name and port number on which the web server is running. Example: Apache/2.0.55 (Unix) mod_ssl/2.0.55 OpenSSL/0.9.8a Server at arokh.liant.com Port 80 |
| SERVER_SOFTWARE | All | The name and version of the server software that answers the request and runs the gateway. The format is name/version. Example: Microsoft-IIS/5.0 |
| SSL_CIPHER | Apache HTTPS | The name of the SSL cipher in use. Example: RC4-MD5 |
| SSL_CIPHER_EXPORT | Apache HTTPS | Contains true if the cipher is an export cipher and false otherwise. |
| SSL_CIPHER_ALGKEYSIZE | Apache HTTPS | The maximum number of bits permitted in the cipher's. Example: 128 |
| SSL_CIPHER_USEKEYSIZE | Apache HTTPS | The number of bits actually in use in the cipher. Example: 128 |
| SSL_CLIENT_A_KEY | Apache HTTPS | The signature algorithm used in the client key. Example: rsaEncryption |
| SSL_CLIENT_A_SIG | Apache HTTPS | The signature algorithm used in the client certificate. Example: sha1WithRSAEncryption |
| SSL_CLIENT_I_DN | Apache HTTPS | The client certificate issuer distinguish name subject. Example: /CN=neo |
| SSL_CLIENT_I_DN_CN | Apache HTTPS | The computer name of the client certificate issuer distinguish name subject. Example: neo |
| SSL_CLIENT_M_VERSION | Apache HTTPS | The client certificate's version. Example: 3 |
| SSL_CLIENT_M_SERIAL | Apache HTTPS | The client certificate's serial number. Example: 1DFD4318000000000015 |
| SSL_CLIENT_S_DN | Apache HTTPS | The client certificate distinguished name subject. Example: /C=US/ST=TX/L=Austin/O=Liant/OU=R&D/CN=Mike Schultz/emailAddress=michael.schultz@microfocus.com |
| SSL_CLIENT_S_DN_C | Apache HTTPS | The country of the client certificate distinguished name subject. Example: US |
| SSL_CLIENT_S_DN_CN | Apache HTTPS | The contact of the client certificate distinguished name subject. Example: Mike Schultz |
| SSL_CLIENT_S_DN_Email | Apache HTTPS | The email address of the client certificate distinguished name subject. Example: michael.schultz@microfocus.com |
| SSL_CLIENT_S_DN_L | Apache HTTPS | The location of the client certificate distinguished name subject. Example: Austin |
| SSL_CLIENT_S_DN_O | Apache HTTPS | The organization of the client certificate distinguished name subject. Example: Microfocus |
| SSL_CLIENT_S_DN_OU | Apache HTTPS | The organization unit of the client certificate distinguished name subject. Example: R&D |
| SSL_CLIENT_S_DN_ST | Apache HTTPS | The state of the client certificate distinguished name subject. Example: TX |
| SSL_CLIENT_VERIFY | Apache HTTPS | Contains SUCCESS if the client verification was successful. |
| SSL_CLIENT_V_END | Apache HTTPS | The client certificate's validity end time. Example: Dec 16 20:27:44 2006 GMT |
| SSL_CLIENT_V_START | Apache HTTPS | The client certificate's validity start time. Example: Dec 16 20:17:44 2005 GMT |
| SSL_PROTOCOL | Apache HTTPS | The version of the SSL protocol. Example: SSLv3 |
| SSL_SERVER_M_VERSION | Apache HTTPS | The server's certificate's version. Example: 1 |
| SSL_SERVER_M_SERIAL | Apache HTTPS | The server's certificate's serial number. Example: 00 |
| SSL_SERVER_S_DN | Apache HTTPS | The server certificate distinguished name subject. Example: /C=US/ST=Texas/L=Austin/O=Micro Focus/OU=Development/CN=cent32.microfocmi.com/emailAddress=michael.schultz@microfocus.com |
| SSL_SERVER_S_DN_C | Apache HTTPS | The country of the server certificate distinguished name subject. Example: US |
| SSL_SERVER_S_DN_CN | Apache HTTPS | The computer name of the server certificate distinguished name subject. Example: cent32.microfocus.com |
| SSL_SERVER_S_DN_Email | Apache HTTPS | The email address of the server certificate distinguished name subject. Example: michael.schultz@microfocus.com |
| SSL_SERVER_S_DN_L | Apache HTTPS | The location of the server certificate distinguished name subject. Example: Austin |
| SSL_SERVER_S_DN_ST | Apache HTTPS | The state of the server certificate distinguished name subject. Example: Texas |
| SSL_SERVER_S_DN_O | Apache HTTPS | The organization of the server certificate distinguished name subject. Example: Micro Focus |
| SSL_SERVER_S_DN_OU | Apache HTTPS | The organization unit of the server certificate distinguished name subject. Example: Development |
| SSL_SERVER_I_DN | Apache HTTPS | The server certificate issuer's distinguished name subject. Example: /C=US/ST=Texas/L=Austin/O=Micro Focus/OU=Development/CN=cent32.microfocus.com/emailAddress=michael.schultz@microfocus.com |
| SSL_SERVER_I_DN_C | Apache HTTPS | The country of the server certificate issuer's distinguished name subject. Example: US |
| SSL_SERVER_I_DN_CN | Apache HTTPS | The computer name of the server certificate issuer's distinguished name subject. Example: cent32.microfocus.com |
| SSL_SERVER_I_DN_Email | Apache HTTPS | The email address of the server certificate issuer's distinguished name subject. Example: michael.schultz@microfocus.com |
| SSL_SERVER_I_DN_L | Apache HTTPS | The location of the server certificate issuer's distinguished name subject. Example: Austin |
| SSL_SERVER_I_DN_O | Apache HTTPS | The organization of the server certificate issuer's distinguished name subject. Example: Micro Focus |
| SSL_SERVER_I_DN_OU | Apache HTTPS | The organization unit of the server certificate issuer's distinguished name subject. Example: Development |
| SSL_SERVER_I_DN_ST | Apache HTTPS | The state of the server certificate issuer's distinguished name subject. Example: Texas |
| SSL_SERVER_A_KEY | Apache HTTPS | The signature algorithm of the server's key. Example: rsaEncryption |
| SSL_SERVER_A_SIG | Apache HTTPS | The signature algorithm of the server's certificate. Example: md5WithRSAEncryption |
| SSL_SERVER_V_END | Apache HTTPS | The server certificate's validity end time. Example: Jan 13 08:13:27 2006 GMT |
| SSL_SERVER_V_START | Apache HTTPS | The server certificate's validity start time. Example: Dec 14 08:13:27 2005 GMT |
| SSL_VERSION_INTERFACE | Apache HTTPS | The version of the SSL interface. Example: mod_ssl/2.0.55 |
| SSL_VERSION_LIBRARY | Apache HTTPS | The version of the SSL library. Example: OpenSSL/0.9.8a |
| UNMAPPED_REMOTE_USER | IIS | The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name. |
| URL | IIS | Gives the base portion of the URL. |