Server Side Includes

Server Side Includes (SSI) is a simple interpreted server-side scripting language used almost exclusively for the Web.

The most frequent use of SSI is to include the contents of one or more files into a web page on a web server. For example, a web page containing a daily quotation could include the quotation by placing the following code into the file of the web page:

<!--#include virtual="../quote.txt" -->

With one change of the quote.txt file, all pages including the file will display the latest daily quotation. The inclusion is not limited to files, and may also be the text output from a program, or the value of a system variable such as the current time.

Server Side Includes are useful for including a common piece of code throughout a site, such as a page header, a page footer and a navigation menu. Conditional navigation menus can be conditionally included using control directives.

In order for a web server to recognize an SSI-enabled HTML file and therefore carry out these instructions, either the filename should end with a special extension, by default .shtml, .stm, .shtm, or, if the server is configured to allow this, set the execution bit of the file.

As a simple programming language, SSI supports only one type: text. Its control flow is rather simple, choice is supported, but loops are not natively supported and can only be done by recursion using include or using HTTP redirect. The simple design of the language makes it easier to learn and use than most server-side scripting languages, while complicated server-side processing is often done with one of the more feature-rich programming languages. SSI is Turing complete.[1]

Apache, nginx, lighttpd and IIS are the four major web servers that support this language.

Contents

Basic syntax

SSI has a simple syntax: <!--#directive parameter=value parameter=value -->. Directives are placed in HTML comments so that if SSI is not enabled, users will not see the SSI directives on the page, unless they look at its source. Note that the syntax does not allow spaces between the leading "<" and the directive. [2]

Directives

Most common directives

Directive Parameters Description Example
include file, direct or virtual This is probably the most used SSI directive, allowing the content of one document to be included in another. The file or virtual parameters specify the file (HTML page, text file, script, etc.) to be included. The file parameter defines the included file as relative to the document path; the virtual parameter defines the included file as relative to the document root. <!--#include virtual="header.html" -->
Apache tutorial on SSI stipulates the format requires a space character before the "-->" that closes the element.
include file or virtual Includes the contents of another file or the result of running a CGI script. If the process does not have access to read the file or execute the script, the include will fail. "virtual" specifies the target relative to the domain root, while "file" specifies the path relative to the directory of the current file. When using "file" it is forbidden to reference to absolute paths. Higher directories (..) are usually forbidden, unless explicitly configured. The Apache documentation recommends using "virtual" in preference to "file". <!--#include virtual="menu.cgi" -->
or
<!--#include file="footer.html" -->
exec cgi or cmd This directive executes a program, script, or shell command on the server. The cmd parameter specifies a server-side command; the cgi parameter specifies the path to a CGI script. The PATH_INFO and QUERY_STRING of the current SSI script will be passed to the CGI script, as a result "exec cgi" should be used instead of "include virtual". <!--#exec cgi="/cgi-bin/foo.cgi" -->
or
<!--#exec cmd="ls -l" -->
echo var This directive displays the contents of a specified HTTP environment variable. Variables include HTTP_USER_AGENT, LAST_MODIFIED, and HTTP_ACCEPT. <!--#echo var="REMOTE_ADDR" -->
config timefmt, sizefmt, or errmsg This directive configures the display formats for the date, time, filesize, and error message (returned when an SSI command fails). <!--#config timefmt="%y %m %d" -->
or
<!--#config sizefmt="bytes" -->
or
<!--#config errmsg="SSI command failed!" -->
flastmod or fsize file or virtual These directives display the date when the specified document was last modified, or the specified document's size. The file or virtual parameters specify the document to use. The file parameter defines the document as relative to the document path; the virtual parameter defines the document as relative to the document root. <!--#flastmod virtual="index.html" -->
or
<!--#fsize file="script.pl" -->
printenv   This directive outputs a list of all variables and their values, including environmental and user-defined variables. It has no attributes. <!--#printenv -->

Control directives

Directive Parameters Description Example
if expr Used for condition tests that may determine and generate multiple logical pages from one single physical page. <!--#if expr="${Sec_Nav}" -->
<!--#include virtual="" -->
<!--#endif -->
elif expr Serves the same purpose as further conditioning in programming languages. <!--#if expr="${Sec_Nav}" -->
<!--#include virtual="secondary_nav.txt" -->
<!--#elif expr="${Pri_Nav}" -->
<!--#include virtual="primary_nav.txt" -->
<!--#endif -->
else If none of the if and elif directive catches the present condition, things in here should happen. <!--#if expr="${Sec_Nav}" -->
<!--#include virtual="secondary_nav.txt" -->
<!--#else -->
<!--#include virtual="article.txt" -->
<!--#endif -->
endif Termination of a conditional construct. See above for example.
set var, value Sets the value of a SSI variable. (Not supported by all implementations) <!--#set var="foo" value="bar" -->

The <!--#set --> command is supported in both Apache httpd and lighttpd.

Client Side Includes

Client Side Includes are HTML includes achieved on the client-side. This means that the inclusions can be cached on the client. It also means that web pages with includes can be viewed locally on the file system without a web server.

However, while HTML allows the direct inclusion of CSS, JavaScript and Image files into a web page it has never allowed direct inclusion of HTML. There are several tricks to achieve this, each with their own problems. These include:-

These client-side includes are relatively complex, are not accessible to WYSIWYG editors, and rely on the client's support of their respective technologies. In the case of frames and iframes, they are less accessible.

At first it seems that manually copying and recopying HTML fragments from page to page is the easiest way, but SSI/CSI pays off. In the future, browsers may implement the W3C XInclude specification which enables client-side includes. Similarly, client-side XML includes may be done in some browsers today through the use of DTDs and external entities.

See also

References

External links