Microsoft IIS Variable Debugger

When writing server based applications that will run on different servers, it can be very useful to know what the server environment is. Using this information, you can get a better idea of what is going on behind the scenes.

For example, there are subtle differences in the way that different versions of IIS execute code. Additionally, it can be important to know what the client and server Internet Protocol (IP) addresses are, along with what the user's browser capabilities are.

Another interesting point is that client side firewalls can affect the information available to server side code, and can affect how the server communicates with the client side web browser. An example of this is present in a popular client side firewall that we tested. ZoneAlarm Pro clears the HTTP_ACCEPT_ENCODING value sent by Microsoft Internet Explorer in order to inject popup and cookie blocker javascript code into web pages.

The code presented here outputs a table containing most of the server variables available to ASP applications.

Click ServerInfo.asp to see a sample of what ServerInfo.asp generates.
Click Download the source to see the ServerInfo.asp source code.
Click Download the source to download the ServerInfo.asp source code as a .ZIP file.

Other Important Server Variables

HTTP_COOKIE

This server variable holds the entire contents of the web browser cookie as it appears on the client web browser's machine.

HTTP_USER_AGENT

This server variable holds the same data as the web browser variable "navigator.userAgent", which identifies the web browser being used to load the page.

REMOTE_ADDR

This server variable holds the IP address of the client web browser requesting the web page from the server. This value can be parsed at the server in order to implement IPSEC (IP Security), to prevent access to server pages from any but specific authorized IP addresses.

URL

This server variable holds the URL of the page that is being requested, minus the domain name and protocol part of the string.

HTTP_ACCEPT_LANGUAGE

This server typically holds the value "en-us" for computers configured for the English language in the USA.

HTTP_ACCEPT

This server variable will typically hold a value like "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg". When Flash is loaded and available for the browser to use, the string "application/x-shockwave-flash" will also be present. Additional MimeType identifier strings will be present when other programs are also loaded and a web browser has been extended to view the document within the browser.

Parsing this variable at the server can be useful in determining what type of images to show a site visitor.

HTTP_CONNECTION

This server variable normally has the value "Keep-Alive" if the client is using a web browser.

HTTP_ACCEPT_ENCODING

This server variable normally has the value "gzip, deflate" if the client is using a web browser to load the page from your server. However, some firewall software applications strip this value out so they can watch the data stream from the server to the web browser, and remove any offensive code such as popups or web based attacks.


Copyright © 2004-2024 Spectrum Research, Inc., All rights reserved. Unauthorized duplication prohibited.