Magic Wiki-Wakka: Web Server Variables and CGI environment variables

Most recent edit on 2008-01-24 18:23:24 by AndreasSedlmeier [fixed a hyperlink]

Additions:
~& It seems that the internet requester(s) saw quite a few changes in v9.4 SP8 (http://ftp.magicsoftware.com/ver/docs/Downloads/v9product/v94_sp8_ReleaseNotes.pdf∞ ).

Deletions:
~& It seems that the internet requester(s) saw quite a few changes in v9.4 SP8 (http://ftp.magicsoftware.com/ver/docs/Downloads/v9product/v94_sp8_ReleaseNotes.pdf)∞.

Edited on 2008-01-23 19:37:08 by AndreasSedlmeier [changed html for table]

Additions:
Below you find output of a sample program which echoes CGI environment and Internet Server variables from within a Magic application to html. The Magic program itself I made part of the Form-based File Upload in HTML sample which is available for download. Sample output is generated with IIS6.0 on Windows XP SP2. Other webservers may have a bit different set of variables. The Magic version I tested with was 9.4 SP8. The required HttpVars= definition in mgreq.ini was as given in the sample above. You'll note that some of the values for variables are NOT filled when you run the sample program with the CGI requester, while they ARE filled when you run the same program with the ISAPI requester. This is a limitation of the Magic 9.4 CGI requester.
Output of a CGI / server variable "echo" program written in Magic and invoked with 9.4 ISAPI requester and CGI requster:

<td style="width: 539px; color: black; font-family: Verdana; background-color: yellow; text-align: center">Variable</td>
<td style="width: 40%; font-family: Verdana; font-size: small;">return value ISAPI requester (mgrqispi94.dll)</td>

<td style="width: 40%; font-family: Verdana; font-size: small;">return value CGI requester (mgrqcgi94.exe)</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">ALL_HTTP </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">HTTP_ACCEPT:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, */* HTTP_ACCEPT_LANGUAGE:en-us,de;q=0.5
HTTP_CONNECTION:Keep-Alive HTTP_HOST:andreas HTTP_REFERER:https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A=∞= HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) HTTP_COOKIE:CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A

" HTTP_UA_CPU:x86 HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_X_REWRITE_URL:/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">ALL_RAW </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">Accept: image/gif, image/x-xbitmap, image/jpeg,
image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, */* Accept-Language: en-us,de;q=0.5 Connection: Keep-Alive
Host: andreas Referer: https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A=∞=
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1)
Cookie: CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A " UA-CPU: x86
Accept-Encoding: gzip, deflate
X-Rewrite-URL: /Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">APPL_PHYSICAL_PATH </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">AUTH_PASSWORD </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CACHE_URL </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_COOKIE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">455a84e84b12be870d80109937f91d63 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_FLAGS </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">1 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_ISSUER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte Personal Freemail Issuing CA </td>

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top">C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte Personal Freemail Issuing CA </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_KEYSIZE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">128</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_SECRETKEYSIZE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">4096 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_SERIALNUMBER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">
7c-2c-76-fc-01-14-6f-3e-56-65-a2-c8-a5-35-90-ec</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_SERVER_ISSUER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_SERVER_SUBJECT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">C=DE, S=BAVARIA, L=MUNICH, O=Andreas

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CERT_SUBJECT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">CN=Thawte Freemail Member, E=sedlmeier@hotmail.com </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CONTENT_LENGTH </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">CONTENT_TYPE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">GATEWAY_INTERFACE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTPS </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">on </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTPS_KEYSIZE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">128 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTPS_SECRETKEYSIZE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">4096 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTPS_SERVER_ISSUER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTPS_SERVER_SUBJECT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">C=DE, S=BAVARIA, L=MUNICH, O=Andreas

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_ACCEPT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">image/gif, image/x-xbitmap, image/jpeg,

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top">
image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash,
application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus,
*/* </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_ACCEPT_ENCODING </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">gzip, deflate </td>

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top">
gzip, deflate</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_ACCEPT_LANGUAGE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">en-us,de;q=0.5 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_CONNECTION </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">Keep-Alive </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_COOKIE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A

" </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_HOST </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">andreas </td>

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top">andreas</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_REFERER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== </td∞>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_USER_AGENT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727;InfoPath.1)</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">HTTP_VERSION </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">HTTP/1.1 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">INSTANCE_ID </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">1 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">INSTANCE_META_PATH </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">/LM/W3SVC/1 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">LOCAL_ADDR </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">172.23.107.107 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">LOGON_USER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">PATH_TRANSLATED </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">C:\web.dev\www\htdocs</td>

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top">C:\web.dev\www\htdocs</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">QUERY_STRING </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA</td>

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top">AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA</td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">REMOTE_ADDR </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">172.23.107.107 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">REMOTE_HOST </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">172.23.107.107 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">REMOTE_PORT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana">1380 </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">REMOTE_USER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">REQUEST_METHOD </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SCRIPT_NAME </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SCRIPT_TRANSLATED </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SERVER_NAME </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SERVER_PORT </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SERVER_PORT_SECURE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SERVER_PROTOCOL </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SERVER_SOFTWARE </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">SSI_EXEC_DISABLED </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">UNENCODED_URL </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td vAlign="top" align="left" style="font-weight: bold; font-size: small; width: 539px; font-family: Verdana">UNMAPPED_REMOTE_USER </td>
<td vAlign="top" align="left" style="font-size: small; width: 40%; font-family: Verdana"> </td>

<td align="left" style="font-size: small; width: 40%; font-family: Verdana" valign="top"></td>

Deletions:
Below you find output of a sample program which outputs CGI environment and server variables from within a Magic application. The Magic program itself I made part of the Form-based File Upload in HTML sample which is available for download.

For this sample output I used MS IIS6.0 on Windows XP SP2. The Magic version I tested with was 9.4 SP7. The IIS was configured to require client certificates and a SSL (>= 128 bit) connection.
I worked with the HttpVars definition in mgreq.ini given in the sample above. You'll note that some of the values for variables are NOT filled when you run the sample program with the CGI requester, while they ARE filled when you run the same program with the ISAPI requester. This is a limitation of the Magic 9.4 CGI requester. The Apache loadable module I did not yet test.
The test is not yet complete. Some of the variables which are empty in both tables below are empty because I did noty yet include the variable name in the HttpVars string. It is not possible to access their content from within Magic. You would see a value if the variable name would have been included in the HttpVars= list in the mgreq.ini
Output of a CGI / server variable "echo" program written in Magic and invoked with 9.4 ISAPI requester:

<td>Name</td>
<td>Value</td>
<td>Description</td>
<td vAlign="top" align="left">ALL_HTTP </td>
<td vAlign="top" align="left">HTTP_ACCEPT:image/gif, image/x-xbitmap,
image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus,
*/* HTTP_ACCEPT_LANGUAGE:en-us,de;q=0.5 HTTP_CONNECTION:Keep-Alive
HTTP_HOST:andreas HTTP_REFERER:https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A=∞=
HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1;
iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR
2.0.50727; InfoPath.1) HTTP_COOKIE:CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A

" HTTP_UA_CPU:x86 HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_X_REWRITE_URL:/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA

nbsp;</td> <td vAlign="top" align="left">All HTTP headers sent by the client. </td>
<td vAlign="top" align="left">ALL_RAW </td>
<td vAlign="top" align="left">Accept: image/gif, image/x-xbitmap, image/jpeg,
application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus,
/ Accept-Language: en-us,de;q=0.5 Connection: Keep-Alive Host: andreas
Referer: https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A=∞=
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M;
Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727;
InfoPath.1) Cookie: CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A

" UA-CPU: x86 Accept-Encoding: gzip, deflate X-Rewrite-URL:
/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA

nbsp;</td> <td vAlign="top" align="left">All headers in raw form. The header names
and values appear as they are sent by the client </td>
<td vAlign="top" align="left">APPL_MD_PATH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Retrieves the metabase path of the
application. </td>
<td vAlign="top" align="left">APPL_PHYSICAL_PATH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Retrieves the physical path corresponding
to the metabase path in APPL_MD_PATH. </td>
<td vAlign="top" align="left">APP_POOL_ID </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Returns the name of the application pool
that is running in the IIS worker process that is handling the request. </td>
<td vAlign="top" align="left">AUTH_PASSWORD </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The value entered in the client's
authentication dialog. This variable is only available if Basic
authentication is used </td>
<td vAlign="top" align="left">AUTH_TYPE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The type of authentication used. If the
string is empty, then no authentication is used. Possible values are
Basic or NTLM </td>
<td vAlign="top" align="left">AUTH_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The value entered in the client's
authentication dialog box </td>
<td vAlign="top" align="left">CACHE_URL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">For use in ISAPI applications only.
Returns the unambiguous name for the current URL. It is necessary to use
the Unicode version of this variable in conjunction with the kernel mode
cache invalidation function to evict entries placed in the cache by
HSE_REQ_VECTOR_SEND </td>
<td vAlign="top" align="left">CERT_COOKIE </td>
<td vAlign="top" align="left">455a84e84b12be870d80109937f91d63 </td>
<td vAlign="top" align="left">Unique ID for the client certificate,
returned as a string. This can be used as a signature for the whole
client certificate </td>
<td vAlign="top" align="left">CERT_FLAGS </td>
<td vAlign="top" align="left">1 </td>
<td vAlign="top" align="left">If bit0 is set to 1, a client certificate
is present. If bit1 is set to 1, the certification authority (CA) of the
client certificate is invalid. That is, it is not on this server's list
of recognized CAs </td>
<td vAlign="top" align="left">CERT_ISSUER </td>
<td vAlign="top" align="left">C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte
Personal Freemail Issuing CA </td>
<td vAlign="top" align="left">The issuer field of the client certificate. </td>
<td vAlign="top" align="left">CERT_KEYSIZE </td>
<td vAlign="top" align="left">128 </td>
<td vAlign="top" align="left">The number of bits in the Secure Sockets
Layer (SSL) connection key size </td>
<td vAlign="top" align="left">CERT_SECRETKEYSIZE </td>
<td vAlign="top" align="left">4096 </td>
<td vAlign="top" align="left">The number of bits in the server
certificate private key </td>
<td vAlign="top" align="left">CERT_SERIALNUMBER </td>
<td vAlign="top" align="left">
7c-2c-76-fc-01-14-6f-3e-56-65-a2-c8-a5-35-90-ec </td>
<td vAlign="top" align="left">The serial-number field of the client
certificate </td>
<td vAlign="top" align="left">CERT_SERVER_ISSUER </td>
<td vAlign="top" align="left">C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS
<td vAlign="top" align="left">The issuer field of the server certificate. </td>
<td vAlign="top" align="left">CERT_SERVER_SUBJECT </td>
<td vAlign="top" align="left">C=DE, S=BAVARIA, L=MUNICH, O=Andreas
<td vAlign="top" align="left">The subject field of the server
certificate </td>
<td vAlign="top" align="left">CERT_SUBJECT </td>
<td vAlign="top" align="left">CN=Thawte Freemail Member, E=sedlmeier@hotmail.com </td>
<td vAlign="top" align="left">The subject field of the client
certificate. </td>
<td vAlign="top" align="left">CONTENT_LENGTH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The number of bytes of data that the
script or extension can expect to receive from the client. This total
does not include headers </td>
<td vAlign="top" align="left">CONTENT_TYPE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The content type of the information
supplied in the body of a POST request </td>
<td vAlign="top" align="left">GATEWAY_INTERFACE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The revision of the CGI specification used
by the server. The format is CGI/revision </td>
<td vAlign="top" align="left">HTTPS </td>
<td vAlign="top" align="left">on </td>
<td vAlign="top" align="left">On if the request came in through secure
channel (with SSL encryption), or off if the request is for an unsecure
channe </td>
<td vAlign="top" align="left">HTTPS_KEYSIZE </td>
<td vAlign="top" align="left">128 </td>
<td vAlign="top" align="left">Number of bits in the SSL connection key
size. For example, 128. </td>
<td vAlign="top" align="left">HTTPS_SECRETKEYSIZE </td>
<td vAlign="top" align="left">4096 </td>
<td vAlign="top" align="left">The number of bits in server certificate
private key </td>
<td vAlign="top" align="left">HTTPS_SERVER_ISSUER </td>
<td vAlign="top" align="left">C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS
<td vAlign="top" align="left">The issuer field of the server certificate </td>
<td vAlign="top" align="left">HTTPS_SERVER_SUBJECT </td>
<td vAlign="top" align="left">C=DE, S=BAVARIA, L=MUNICH, O=Andreas
<td vAlign="top" align="left">The subject field of the server
certificate </td>
<td vAlign="top" align="left">HTTP_ACCEPT </td>
<td vAlign="top" align="left">image/gif, image/x-xbitmap, image/jpeg,
<td vAlign="top" align="left">The Accept header </td>
<td vAlign="top" align="left">HTTP_ACCEPT_ENCODING </td>
<td vAlign="top" align="left">gzip, deflate </td>
<td vAlign="top" align="left">Returns a list of accepted encoding types,
for example, "gzip, deflate". </td>
<td vAlign="top" align="left">HTTP_ACCEPT_LANGUAGE </td>
<td vAlign="top" align="left">en-us,de;q=0.5 </td>
<td vAlign="top" align="left">Returns a string describing the language
to use for displaying content. </td>
<td vAlign="top" align="left">HTTP_CONNECTION </td>
<td vAlign="top" align="left">Keep-Alive </td>
<td vAlign="top" align="left">Returns a string describing the connection
type, for example, "Keep-Alive". </td>
<td vAlign="top" align="left">HTTP_COOKIE </td>
<td vAlign="top" align="left">CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A

" </td> <td vAlign="top" align="left">Returns the cookie string that was
included with the request </td>
<td vAlign="top" align="left">HTTP_HOST </td>
<td vAlign="top" align="left">andreas </td>
<td vAlign="top" align="left">Returns the name of the Web server. This
may or may not be the same as SERVER_NAME, depending on type of name
resolution you are using on your Web server (IP address or host

. </td> <td vAlign="top" align="left">HTTP_REFERER </td>
<td vAlign="top" align="left">
https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== </td∞>
<td vAlign="top" align="left">Returns a string that contains the URL of
the page that referred the request to the current page by using an HTML
<a>tag. Note that the URL is the one that the user typed into the
browser address bar, which may not include the name of a default
document. If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER
is not a mandatory member of the HTTP specification </a></td>
<td vAlign="top" align="left">HTTP_USER_AGENT </td>
<td vAlign="top" align="left">Mozilla/4.0 (compatible; MSIE 7.0; Windows
NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET
CLR 2.0.50727; InfoPath.1) </td>
<td vAlign="top" align="left">Returns a string describing the browser
that sent the request. </td>
<td vAlign="top" align="left">HTTP_VERSION </td>
<td vAlign="top" align="left">HTTP/1.1 </td>
<td vAlign="top" align="left">The name and version of the request
protocol (the raw form of SERVER_PROTOCOL). </td>
<td vAlign="top" align="left">INSTANCE_ID </td>
<td vAlign="top" align="left">1 </td>
<td vAlign="top" align="left">The ID for the IIS instance in textual
format. If the instance ID is 1, it appears as a string. You can use
this variable to retrieve the ID of the Web server instance (in the

to which the request belongs </td> <td vAlign="top" align="left">INSTANCE_META_PATH </td>
<td vAlign="top" align="left">/LM/W3SVC/1 </td>
<td vAlign="top" align="left">The metabase path for the instance of IIS
that responds to the request </td>
<td vAlign="top" align="left">LOCAL_ADDR </td>
<td vAlign="top" align="left">172.23.107.107 </td>
<td vAlign="top" align="left">Returns the server address on which the
request came in. This is important on computers where there can be
multiple IP addresses bound to the computer, and you want to find out
which address the request used </td>
<td vAlign="top" align="left">LOGON_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The Windows account that the user is
impersonating while connected to your Web server. Use REMOTE_USER,
UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is
contained in the request header. The only time LOGON_USER holds a
different value than these other variables is if you have an
authentication filter installed. </td>
<td vAlign="top" align="left">PATH_INFO </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Additional path information, as given by
the client. This consists of the trailing part of the URL after the
script or ISAPI DLL name, but before the query string, if any </td>
<td vAlign="top" align="left">PATH_TRANSLATED </td>
<td vAlign="top" align="left">C:\factorlink.dev\www\htdocs </td>
<td vAlign="top" align="left">The value of PATH_INFO, but with any
virtual path expanded into a directory specification </td>
<td vAlign="top" align="left">QUERY_STRING </td>
<td vAlign="top" align="left">AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA </td>
<td vAlign="top" align="left">The information that follows the first
question mark in the URL that referenced this script </td>
<td vAlign="top" align="left">REMOTE_ADDR </td>
<td vAlign="top" align="left">172.23.107.107 </td>
<td vAlign="top" align="left">The IP address of the client or agent of
the client (for example gateway, proxy, or firewall) that sent the
request </td>
<td vAlign="top" align="left">REMOTE_HOST </td>
<td vAlign="top" align="left">172.23.107.107 </td>
<td vAlign="top" align="left">The host name of the client or agent of
the client (for example, gateway, proxy or firewall) that sent the
request if reverse DNS is enabled. Otherwise, this value is set to the
IP address specified by REMOTE_ADDR </td>
<td vAlign="top" align="left">REMOTE_PORT </td>
<td vAlign="top" align="left">1380 </td>
<td vAlign="top" align="left">The client port number of the TCP
connection </td>
<td vAlign="top" align="left">REMOTE_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The user name supplied by the client and
authenticated by the server. This comes back as an empty string when the
user is anonymous </td>
<td vAlign="top" align="left">REQUEST_METHOD </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The HTTP request method verb. </td>
<td vAlign="top" align="left">SCRIPT_NAME </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name of the script program being
executed </td>
<td vAlign="top" align="left">SCRIPT_TRANSLATED </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The canonical physical path to the script
listed in SCRIPT_NAME, for example,

quot;\\?\c:\inetpub\wwwroot\vdir\default.asp". </td> <td vAlign="top" align="left">SERVER_NAME </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The server's host name, or IP address, as
it should appear in self-referencing URLs. </td>
<td vAlign="top" align="left">SERVER_PORT </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The TCP/IP port on which the request was
received </td>
<td vAlign="top" align="left">SERVER_PORT_SECURE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">A string of either 0 or 1. If the request
is being handled on the secure port, then this will be 1. Otherwise, it
will be 0 </td>
<td vAlign="top" align="left">SERVER_PROTOCOL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name and version of the information
retrieval protocol relating to this request. </td>
<td vAlign="top" align="left">SERVER_SOFTWARE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name and version of the Web Server
under which the ISAPI extension DLL program is running </td>
<td vAlign="top" align="left">SSI_EXEC_DISABLED </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Returns a 1 if the server-side include
directive, #exec, is disabled. Otherwise, SSI_EXE_DISABLED returns a 0.
To enable or disable #exec, use the SSIExecDisablemetabase property. </td>
<td vAlign="top" align="left">UNENCODED_URL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Returns the raw, unencoded URL, for
example, "/vdir/default.asp?querystring". </td>
<td vAlign="top" align="left">UNMAPPED_REMOTE_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name of the user as it is derived from
the authorization header sent by the client, before the user name is
mapped to a Windows account. This variable is no different from
REMOTE_USER. If you have an authentication filter installed on your Web
server that maps incoming users to accounts, use LOGON_USER to view the
mapped user name. </td>
<td vAlign="top" align="left">URL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The base portion of the URL. Parameter
values will not be included. The value is determined when the Web Server
parses the URL from the header </td>

Output of a CGI / server variable "echo" program written in Magic and invoked with 9.4 CGI requester:
""<table width="100%" border="1" id="table2">

<td> </td>
<td>Value</td>
<td>Description</td>
<td vAlign="top" align="left">ALL_HTTP </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">All HTTP headers sent by the client. </td>
<td vAlign="top" align="left">ALL_RAW </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">All headers in raw form. The header names
and values appear as they are sent by the client </td>
<td vAlign="top" align="left">APPL_MD_PATH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Retrieves the metabase path of the
application. </td>
<td vAlign="top" align="left">APPL_PHYSICAL_PATH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Retrieves the physical path corresponding
to the metabase path in APPL_MD_PATH. </td>
<td vAlign="top" align="left">APP_POOL_ID </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Returns the name of the application pool
that is running in the IIS worker process that is handling the request. </td>
<td vAlign="top" align="left">AUTH_PASSWORD </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The value entered in the client's
authentication dialog. This variable is only available if Basic
authentication is used </td>
<td vAlign="top" align="left">AUTH_TYPE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The type of authentication used. If the
string is empty, then no authentication is used. Possible values are
Basic or NTLM </td>
<td vAlign="top" align="left">AUTH_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The value entered in the client's
authentication dialog box </td>
<td vAlign="top" align="left">CACHE_URL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">For use in ISAPI applications only.
Returns the unambiguous name for the current URL. It is necessary to use
the Unicode version of this variable in conjunction with the kernel mode
cache invalidation function to evict entries placed in the cache by
HSE_REQ_VECTOR_SEND </td>
<td vAlign="top" align="left">CERT_COOKIE </td>
<td vAlign="top" align="left">455a84e84b12be870d80109937f91d63 </td>
<td vAlign="top" align="left">Unique ID for the client certificate,
returned as a string. This can be used as a signature for the whole
client certificate </td>
<td vAlign="top" align="left">CERT_FLAGS </td>
<td vAlign="top" align="left">1 </td>
<td vAlign="top" align="left">If bit0 is set to 1, a client certificate
is present. If bit1 is set to 1, the certification authority (CA) of the
client certificate is invalid. That is, it is not on this server's list
of recognized CAs </td>
<td vAlign="top" align="left">CERT_ISSUER </td>
<td vAlign="top" align="left">C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte
Personal Freemail Issuing CA </td>
<td vAlign="top" align="left">The issuer field of the client certificate. </td>
<td vAlign="top" align="left">CERT_KEYSIZE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The number of bits in the Secure Sockets
Layer (SSL) connection key size </td>
<td vAlign="top" align="left">CERT_SECRETKEYSIZE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The number of bits in the server
certificate private key </td>
<td vAlign="top" align="left">CERT_SERIALNUMBER </td>
<td vAlign="top" align="left">
7c-2c-76-fc-01-14-6f-3e-56-65-a2-c8-a5-35-90-ec </td>
<td vAlign="top" align="left">The serial-number field of the client
certificate </td>
<td vAlign="top" align="left">CERT_SERVER_ISSUER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The issuer field of the server
certificate. </td>
<td vAlign="top" align="left">CERT_SERVER_SUBJECT </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The subject field of the server
certificate </td>
<td vAlign="top" align="left">CERT_SUBJECT </td>
<td vAlign="top" align="left">CN=Thawte Freemail Member,
E=sedlmeier@hotmail.com </td>
<td vAlign="top" align="left">The subject field of the client
certificate. </td>
<td vAlign="top" align="left">CONTENT_LENGTH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The number of bytes of data that the
script or extension can expect to receive from the client. This total
does not include headers </td>
<td vAlign="top" align="left">CONTENT_TYPE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The content type of the information
supplied in the body of a POST request </td>
<td vAlign="top" align="left">GATEWAY_INTERFACE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The revision of the CGI specification used
by the server. The format is CGI/revision </td>
<td vAlign="top" align="left">HTTPS </td>
<td vAlign="top" align="left">on </td>
<td vAlign="top" align="left">On if the request came in through secure
channel (with SSL encryption), or off if the request is for an unsecure
channe </td>
<td vAlign="top" align="left">HTTPS_KEYSIZE </td>
<td vAlign="top" align="left">128 </td>
<td vAlign="top" align="left">Number of bits in the SSL connection key
size. For example, 128. </td>
<td vAlign="top" align="left">HTTPS_SECRETKEYSIZE </td>
<td vAlign="top" align="left">4096 </td>
<td vAlign="top" align="left">The number of bits in server certificate
private key </td>
<td vAlign="top" align="left">HTTPS_SERVER_ISSUER </td>
<td vAlign="top" align="left">C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS
SEDLMEIER CONSULTING, OU=IT, CN=ANDREAS' TEST CA,
E=sedlmeier@hotmail.com </td>
<td vAlign="top" align="left">The issuer field of the server
certificate </td>
<td vAlign="top" align="left">HTTPS_SERVER_SUBJECT </td>
<td vAlign="top" align="left">C=DE, S=BAVARIA, L=MUNICH, O=Andreas
<td vAlign="top" align="left">The subject field of the server
certificate </td>
<td vAlign="top" align="left">HTTP_ACCEPT </td>
<td vAlign="top" align="left">image/gif, image/x-xbitmap, image/jpeg,
application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus,
*/* </td>
<td vAlign="top" align="left">The Accept header </td>
<td vAlign="top" align="left">HTTP_ACCEPT_ENCODING </td>
<td vAlign="top" align="left">gzip, deflate </td>
<td vAlign="top" align="left">Returns a list of accepted encoding types,
for example, "gzip, deflate". </td>
<td vAlign="top" align="left">HTTP_ACCEPT_LANGUAGE </td>
<td vAlign="top" align="left">en-us,de;q=0.5 </td>
<td vAlign="top" align="left">Returns a string describing the language
to use for displaying content. </td>
<td vAlign="top" align="left">HTTP_CONNECTION </td>
<td vAlign="top" align="left">Keep-Alive </td>
<td vAlign="top" align="left">Returns a string describing the connection
type, for example, "Keep-Alive". </td>
<td vAlign="top" align="left">HTTP_COOKIE </td>
<td vAlign="top" align="left">CVLANG=GB;
sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A " </td> <td vAlign="top" align="left">Returns the cookie string that was
included with the request </td>
<td vAlign="top" align="left">HTTP_HOST </td>
<td vAlign="top" align="left">andreas </td>
<td vAlign="top" align="left">Returns the name of the Web server. This
may or may not be the same as SERVER_NAME, depending on type of name
resolution you are using on your Web server (IP address or host

. </td> <td vAlign="top" align="left">HTTP_REFERER </td>
<td vAlign="top" align="left">
https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== </td∞>
<td vAlign="top" align="left">Returns a string that contains the URL of
the page that referred the request to the current page by using an HTML
<a>tag. Note that the URL is the one that the user typed into the
browser address bar, which may not include the name of a default
document. If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER
is not a mandatory member of the HTTP specification </a></td>
<td vAlign="top" align="left">HTTP_USER_AGENT </td>
<td vAlign="top" align="left">Mozilla/4.0 (compatible; MSIE 7.0; Windows
NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET
CLR 2.0.50727; InfoPath.1) </td>
<td vAlign="top" align="left">Returns a string describing the browser
that sent the request. </td>
<td vAlign="top" align="left">HTTP_VERSION </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name and version of the request
protocol (the raw form of SERVER_PROTOCOL). </td>
<td vAlign="top" align="left">INSTANCE_ID </td>
<td vAlign="top" align="left">1 </td>
<td vAlign="top" align="left">The ID for the IIS instance in textual
format. If the instance ID is 1, it appears as a string. You can use
this variable to retrieve the ID of the Web server instance (in the

to which the request belongs </td> <td vAlign="top" align="left">INSTANCE_META_PATH </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The metabase path for the instance of IIS
that responds to the request </td>
<td vAlign="top" align="left">LOCAL_ADDR </td>
<td vAlign="top" align="left">172.23.107.107 </td>
<td vAlign="top" align="left">Returns the server address on which the
request came in. This is important on computers where there can be
multiple IP addresses bound to the computer, and you want to find out
which address the request used </td>
<td vAlign="top" align="left">LOGON_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The Windows account that the user is
impersonating while connected to your Web server. Use REMOTE_USER,
UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is
contained in the request header. The only time LOGON_USER holds a
different value than these other variables is if you have an
authentication filter installed. </td>
<td vAlign="top" align="left">PATH_INFO </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Additional path information, as given by
the client. This consists of the trailing part of the URL after the
script or ISAPI DLL name, but before the query string, if any </td>
<td vAlign="top" align="left">PATH_TRANSLATED </td>
<td vAlign="top" align="left">C:\factorlink.dev\www\htdocs </td>
<td vAlign="top" align="left">The value of PATH_INFO, but with any
virtual path expanded into a directory specification </td>
<td vAlign="top" align="left">QUERY_STRING </td>
<td vAlign="top" align="left">AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA </td>
<td vAlign="top" align="left">The information that follows the first
question mark in the URL that referenced this script </td>
<td vAlign="top" align="left">REMOTE_ADDR </td>
<td vAlign="top" align="left">172.23.107.107 </td>
<td vAlign="top" align="left">The IP address of the client or agent of
the client (for example gateway, proxy, or firewall) that sent the
request </td>
<td vAlign="top" align="left">REMOTE_HOST </td>
<td vAlign="top" align="left">172.23.107.107 </td>
<td vAlign="top" align="left">The host name of the client or agent of
the client (for example, gateway, proxy or firewall) that sent the
request if reverse DNS is enabled. Otherwise, this value is set to the
IP address specified by REMOTE_ADDR </td>
<td vAlign="top" align="left">REMOTE_PORT </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The client port number of the TCP
connection </td>
<td vAlign="top" align="left">REMOTE_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The user name supplied by the client and
authenticated by the server. This comes back as an empty string when the
user is anonymous </td>
<td vAlign="top" align="left">REQUEST_METHOD </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The HTTP request method verb. </td>
<td vAlign="top" align="left">SCRIPT_NAME </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name of the script program being
executed </td>
<td vAlign="top" align="left">SCRIPT_TRANSLATED </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The canonical physical path to the script
listed in SCRIPT_NAME, for example, "\\?\c:\inetpub\wwwroot\vdir\default.asp". </td>
<td vAlign="top" align="left">SERVER_NAME </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The server's host name, or IP address, as
it should appear in self-referencing URLs. </td>
<td vAlign="top" align="left">SERVER_PORT </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The TCP/IP port on which the request was
received </td>
<td vAlign="top" align="left">SERVER_PORT_SECURE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">A string of either 0 or 1. If the request
is being handled on the secure port, then this will be 1. Otherwise, it
will be 0 </td>
<td vAlign="top" align="left">SERVER_PROTOCOL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name and version of the information
retrieval protocol relating to this request. </td>
<td vAlign="top" align="left">SERVER_SOFTWARE </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name and version of the Web Server
under which the ISAPI extension DLL program is running </td>
<td vAlign="top" align="left">SSI_EXEC_DISABLED </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Returns a 1 if the server-side include
directive, #exec, is disabled. Otherwise, SSI_EXE_DISABLED returns a 0.
To enable or disable #exec, use the SSIExecDisablemetabase property. </td>
<td vAlign="top" align="left">UNENCODED_URL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">Returns the raw, unencoded URL, for
example, "/vdir/default.asp?querystring". </td>
<td vAlign="top" align="left">UNMAPPED_REMOTE_USER </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The name of the user as it is derived from
the authorization header sent by the client, before the user name is
mapped to a Windows account. This variable is no different from
REMOTE_USER. If you have an authentication filter installed on your Web
server that maps incoming users to accounts, use LOGON_USER to view the
mapped user name. </td>
<td vAlign="top" align="left">URL </td>
<td vAlign="top" align="left"> </td>
<td vAlign="top" align="left">The base portion of the URL. Parameter
values will not be included. The value is determined when the Web Server
parses the URL from the header </td>

Edited on 2008-01-23 18:29:51 by AndreasSedlmeier [documented new (changed) behaviour of HttpVars= in 9.4 SP8]

Additions:
~& It seems that the internet requester(s) saw quite a few changes in v9.4 SP8 (http://ftp.magicsoftware.com/ver/docs/Downloads/v9product/v94_sp8_ReleaseNotes.pdf)∞.

The problem described above (errror (-103): "Application not supported by any Enterprise server") does not occur anymore. The behaviour changed with v9.4 SP8:

REMOTE_ADDR and REMOTE_HOST are no longer filled by default. If you want to query this variables you have to put it into your mgreq.ini HttpVars= string like in
"HttpVars = REMOTE_ADDR,REMOTE_HOST" (without the quotes). Note that the blanks on the left and right of the "=" sign are mandatory now; if you specify (as in previous versions) HttpVars=REMOTE_ADDR,REMOTE_HOST you'll experience problems.

The length restriction for the HttpVars string seems to be still in place. If the string gets too long, the requesters do not provide you with the values in the Magic environment.
Different from before 9.4 SP8 is that the broker error (-103) does not occur anymore. If thats however better than not providing the application with the required values ... is a question.

Edited on 2007-08-11 13:59:42 by InformaPlus

Additions:
Back to: TuTorials

Edited on 2007-02-14 19:41:17 by JeanChandler

Additions:
In order to pass data in a request from a CGI script, a web server uses the command line and envronment variables (according to the CGI specification). These variables then contain important information about the request and the client and you can access this information from within CGI scripts. In Magic & Internet applications which receive requests, you might want to access and use this information as well.

If you protected your Magic & internet application with SSL and client certificates, you might want to get some information about the client and server certificate and decide if you accept or reject that request.
Similarly, Cookies are exchanged between http client (browser) and server (web server) by means of http header variables. Cookies will have been however already been disjointed by the requester for you. While the CGI environment variable 'HTTP_COOKIE' contains the complete cookie string, you can access the cookies by GetParam() with the name of a cookie as parameter. This works without having to define the name of the cookie as token in the HttpVars (find more information about HttpVars below).
The Magic requester(s) exposes this information to the Magic application which receives the request as global parameters (global variables). Inside your Magic Internet application you can access the CGI environment- and Server variables then with the function GetParam(). The IP address of the client you e.g. would get with GetParam('REMOTE_ADDR').
Since you cannot distinguish within your Magic application if a particular internet program was invoked by the Magic CGI requester, the ISAPI requester or the Apache loadable module requester, the mechanism for accessing CGI environment and server variables is the same. You use GetParam() to access the information. There are however differences in which information these different gateways provide to your application. Within a program invoked by the ISAPI requester you e.g. are able to retrieve more information than if the same program had been invoked by the CGI requester. Besides the environment variables defined in the CGI specification, the ISAPI requester will also expose some server variables which are specific to IIS.
Do not intersperse blanks in the string following the "HttpVars=". Your requester may not be able to read this.

Note: The length of the string following the HttpVars definition in the .ini is NOT unlimited. Magic resricts either the maximum length of this string or the number of variables (tokens). There's no documentation. If you do however put a HttpVars definition in your mgreq.ini which is either too long or contains too many tokens (variable names), the requester will cease working. You'll get an errror (-103): "Application not supported by any Enterprise server". This is misleading of course and you should avoid this situation. During some test with 9.4 SP7 following HttpVars definition worked:

Below you find output of a sample program which outputs CGI environment and server variables from within a Magic application. The Magic program itself I made part of the Form-based File Upload in HTML sample which is available for download.
The test is not yet complete. Some of the variables which are empty in both tables below are empty because I did noty yet include the variable name in the HttpVars string. It is not possible to access their content from within Magic. You would see a value if the variable name would have been included in the HttpVars= list in the mgreq.ini

Deletions:
In order to pass data about a request from to a CGI script, a web server uses the command line and envronment variables (according to the CGI specification). These variables then contain important information about the request and the client and you can access this information from within CGI scripts. In Magic & Internet applications receiving requests, you might want to access and use this information as well.
If you protected your Magic & internet application with SSL and client certificates, might want to get some infomation about the client and server certificate and decide if you accept or reject that request.
Cookies, which are exchanged between http client (browser) and server (web server) by means of http header variables, you might to want to access (read) as well. Cookies will have been however already been disjointed by the requester for you. While the CGI environment variable 'HTTP_COOKIE' contains the complete cookie string, you can access the cookies by GetParam() with the name of a cookie as parameter. This works without having to define the name of the cookie as token in the HttpVars (finde more information about HttpVars below).
The Magic requester(s) exposes these information to the Magic application which receives the request as global parameters (global variables). Inside your Magic Internet application you can access these CGI environment- and Server variables then with the function GetParam(). The IP address of the client you e.g. would get with GetParam('REMOTE_ADDR').
Since you cannot distinct within your Magic application if a particular internet program inside there was invoked by the Magic CGI requester, the ISAPI requester or the Apache loadable module requester, the mechanism for accessing CGI environment and server variables is the same. You use GetParam() to access the information. There's however differences in which information these different gateways provide to your application. Within a program invoked by the ISAPI requester you e.g. are able to retrieve some more information than in the same program if it would have been invoked by the CGI requester. Besides the environment variables defined in the CGI specification, the ISAPI requester will also expose some server variables which are specific to IIS.
Do not interperse blanks in the string following the "HttpVars=". Your requester may not be able to read this.

Note: The possible lenght of the string following the HttpVars definition in the .ini is NOT unlimited. Magic resricts either the maximum length of this string or the number of variables (tokens). There's no documentation. If you do however put a HttpVars definition in your mgreq.ini which is either too long or contains too many tokens (variable names), the requester will cease working. You'll get an errror (-103): "Application not supported by any Enterprise server". This is misleading of course and you should avoid this situation. During some test with 9.4 SP7 following HttpVars definition worked:

Below you find output of a sample program which outputs CGI environment and server variables from within a Magic application. The Magic programs itself I made part of the Form-based File Upload in HTML sample which is available for download.
The test is not yet complete. Some of the variables which are empty in both tables below are empty because I did noty yet include the variable name in the HttpVars string. There's no possibility to access their content from within Magic so. You would see a value if the variable name would have been included in the HttpVars= list in the mgreq.ini

Oldest known version of this page was edited on 2007-02-06 09:32:58 by AndreasSedlmeier []

Page view:

Web Server Variables and CGI environment variables

accessing CGI environment- and Internet server variables from within a eDeveloper program

In order to pass data about a request from to a CGI script, a web server uses the command line and envronment variables (according to the CGI specification). These variables then contain important information about the request and the client and you can access this information from within CGI scripts. In Magic & Internet applications receiving requests, you might want to access and use this information as well.

Examples for such information are f.i. the IP address of the client (REMOTE_ADDR) and the host name of the client (REMOTE_HOST).

If you protected your Magic & internet application with SSL and client certificates, might want to get some infomation about the client and server certificate and decide if you accept or reject that request.

Cookies, which are exchanged between http client (browser) and server (web server) by means of http header variables, you might to want to access (read) as well. Cookies will have been however already been disjointed by the requester for you. While the CGI environment variable 'HTTP_COOKIE' contains the complete cookie string, you can access the cookies by GetParam() with the name of a cookie as parameter. This works without having to define the name of the cookie as token in the HttpVars (finde more information about HttpVars below).

Besides information about the client and the request, CGI also suggests that some information should be exposed as environment variables to CGI scripts which are not request specific. This is e.g. information about the installed server software, the protocol, ... Information you might want to use within your Magic & internet application as well (f.i. to find out what server is used).

The Magic requester(s) exposes these information to the Magic application which receives the request as global parameters (global variables). Inside your Magic Internet application you can access these CGI environment- and Server variables then with the function GetParam(). The IP address of the client you e.g. would get with GetParam('REMOTE_ADDR').

Since you cannot distinct within your Magic application if a particular internet program inside there was invoked by the Magic CGI requester, the ISAPI requester or the Apache loadable module requester, the mechanism for accessing CGI environment and server variables is the same. You use GetParam() to access the information. There's however differences in which information these different gateways provide to your application. Within a program invoked by the ISAPI requester you e.g. are able to retrieve some more information than in the same program if it would have been invoked by the CGI requester. Besides the environment variables defined in the CGI specification, the ISAPI requester will also expose some server variables which are specific to IIS.

Preparing your Magic & Internet application to receive environemnet and server variables HttpVars

There's two environment variables with information about the remote request which you can always query with GetParam(): REMOTE_ADDR and REMOTE_HOST. To be able to receive any other environment variable, you need to modify the HttpVars entry in the requester .ini (mgreq.ini) first. HttpVars needs to contain a comma seperated list with names of those variables which you want the requester to expose to your Magic application. If you do not put the name of a environment variable in this list, you cannot query its value.

If you want f.i. to be able to query the values of variables HTTP_REFERER, QUERY_STRING, HTTP_COOKIE within your Magic program, you need to put following information in the [REQUESTER_ENV] section of your mgreq.ini:

HttpVars=HTTP_REFERER,QUERY_STRING,HTTP_COOKIE

Do not interperse blanks in the string following the "HttpVars=". Your requester may not be able to read this.

HttpVars=ALL_HTTP,ALL_RAW,CERT_COOKIE,CERT_FLAGS,CERT_ISSUER,CERT_KEYSIZE,CERT_SECRETKEYSIZE,CERT_SERIALNUMBER,CERT_SERVER_ISSUER,CERT_SERVER_SUBJECT,CERT_SUBJECT,CONTENT_TYPE,HTTPS,HTTPS_KEYSIZE,HTTPS_SECRETKEYSIZE,HTTPS_SERVER_ISSUER,HTTPS_SERVER_SUBJECT,HTTP_ACCEPT,HTTP_ACCEPT_ENCODING,HTTP_ACCEPT_LANGUAGE,HTTP_CONNECTION,HTTP_COOKIE,HTTP_HOST,HTTP_REFERER,HTTP_USER_AGENT,HTTP_VERSION,INSTANCE_ID,INSTANCE_META_PATH,LOCAL_ADDR,LOGON_USER,PATH_INFO,PATH_TRANSLATED,QUERY_STRING,REMOTE_PORT

While following definition resulted in an error# -103:

HttpVars=ALL_HTTP,ALL_RAW,CERT_COOKIE,CERT_FLAGS,CERT_ISSUER,CERT_KEYSIZE,CERT_SECRETKEYSIZE,CERT_SERIALNUMBER,CERT_SERVER_ISSUER,CERT_SERVER_SUBJECT,CERT_SUBJECT,CONTENT_TYPE,HTTPS,HTTPS_KEYSIZE,HTTPS_SECRETKEYSIZE,HTTPS_SERVER_ISSUER,HTTPS_SERVER_SUBJECT,HTTP_ACCEPT,HTTP_ACCEPT_ENCODING,HTTP_ACCEPT_LANGUAGE,HTTP_CONNECTION,HTTP_COOKIE,HTTP_HOST,HTTP_REFERER,HTTP_USER_AGENT,HTTP_VERSION,INSTANCE_ID,INSTANCE_META_PATH,LOCAL_ADDR,LOGON_USER,PATH_INFO,PATH_TRANSLATED,QUERY_STRING,REMOTE_PORT,REMOTE_HOST

The second HttpVars definition contains one more token (REMOTE_HOST) and is few characters longer

Examples and list of possible CGI environment / Sever-variables

Below you find output of a sample program which outputs CGI environment and server variables from within a Magic application. The Magic programs itself I made part of the Form-based File Upload in HTML sample which is available for download.

For this sample output I used MS IIS6.0 on Windows XP SP2. The Magic version I tested with was 9.4 SP7. The IIS was configured to require client certificates and a SSL (>= 128 bit) connection.

I worked with the HttpVars definition in mgreq.ini given in the sample above. You'll note that some of the values for variables are NOT filled when you run the sample program with the CGI requester, while they ARE filled when you run the same program with the ISAPI requester. This is a limitation of the Magic 9.4 CGI requester. The Apache loadable module I did not yet test.

The test is not yet complete. Some of the variables which are empty in both tables below are empty because I did noty yet include the variable name in the HttpVars string. There's no possibility to access their content from within Magic so. You would see a value if the variable name would have been included in the HttpVars= list in the mgreq.ini

Output of a CGI / server variable "echo" program written in Magic and invoked with 9.4 ISAPI requester:

Name Value Description

ALL_HTTP HTTP_ACCEPT:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, */* HTTP_ACCEPT_LANGUAGE:en-us,de;q=0.5 HTTP_CONNECTION:Keep-Alive HTTP_HOST:andreas HTTP_REFERER:https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) HTTP_COOKIE:CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==" HTTP_UA_CPU:x86 HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_X_REWRITE_URL:/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA All HTTP headers sent by the client.

ALL_RAW Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, */* Accept-Language: en-us,de;q=0.5 Connection: Keep-Alive Host: andreas Referer: https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) Cookie: CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==" UA-CPU: x86 Accept-Encoding: gzip, deflate X-Rewrite-URL: /Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA All headers in raw form. The header names and values appear as they are sent by the client

APPL_MD_PATH Retrieves the metabase path of the application.

APPL_PHYSICAL_PATH Retrieves the physical path corresponding to the metabase path in APPL_MD_PATH.

APP_POOL_ID Returns the name of the application pool that is running in the IIS worker process that is handling the request.

AUTH_PASSWORD The value entered in the client's authentication dialog. This variable is only available if Basic authentication is used

AUTH_TYPE The type of authentication used. If the string is empty, then no authentication is used. Possible values are Basic or NTLM

AUTH_USER The value entered in the client's authentication dialog box

CACHE_URL For use in ISAPI applications only. Returns the unambiguous name for the current URL. It is necessary to use the Unicode version of this variable in conjunction with the kernel mode cache invalidation function to evict entries placed in the cache by HSE_REQ_VECTOR_SEND

CERT_COOKIE 455a84e84b12be870d80109937f91d63 Unique ID for the client certificate, returned as a string. This can be used as a signature for the whole client certificate

CERT_FLAGS 1 If bit0 is set to 1, a client certificate is present. If bit1 is set to 1, the certification authority (CA) of the client certificate is invalid. That is, it is not on this server's list of recognized CAs

CERT_ISSUER C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte Personal Freemail Issuing CA The issuer field of the client certificate.

CERT_KEYSIZE 128 The number of bits in the Secure Sockets Layer (SSL) connection key size

CERT_SECRETKEYSIZE 4096 The number of bits in the server certificate private key

CERT_SERIALNUMBER 7c-2c-76-fc-01-14-6f-3e-56-65-a2-c8-a5-35-90-ec The serial-number field of the client certificate

CERT_SERVER_ISSUER C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS SEDLMEIER CONSULTING, OU=IT, CN=ANDREAS' TEST CA, E=sedlmeier@hotmail.com The issuer field of the server certificate.

CERT_SERVER_SUBJECT C=DE, S=BAVARIA, L=MUNICH, O=Andreas Sedlmeier Consulting Services, OU=IT, CN=andreas The subject field of the server certificate

CERT_SUBJECT CN=Thawte Freemail Member, E=sedlmeier@hotmail.com The subject field of the client certificate.

CONTENT_LENGTH The number of bytes of data that the script or extension can expect to receive from the client. This total does not include headers

CONTENT_TYPE The content type of the information supplied in the body of a POST request

GATEWAY_INTERFACE The revision of the CGI specification used by the server. The format is CGI/revision

HTTPS on On if the request came in through secure channel (with SSL encryption), or off if the request is for an unsecure channe

HTTPS_KEYSIZE 128 Number of bits in the SSL connection key size. For example, 128.

HTTPS_SECRETKEYSIZE 4096 The number of bits in server certificate private key

HTTPS_SERVER_ISSUER C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS SEDLMEIER CONSULTING, OU=IT, CN=ANDREAS' TEST CA, E=sedlmeier@hotmail.com The issuer field of the server certificate

HTTPS_SERVER_SUBJECT C=DE, S=BAVARIA, L=MUNICH, O=Andreas Sedlmeier Consulting Services, OU=IT, CN=andreas The subject field of the server certificate

HTTP_ACCEPT image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, */* The Accept header

HTTP_ACCEPT_ENCODING gzip, deflate Returns a list of accepted encoding types, for example, "gzip, deflate".

HTTP_ACCEPT_LANGUAGE en-us,de;q=0.5 Returns a string describing the language to use for displaying content.

HTTP_CONNECTION Keep-Alive Returns a string describing the connection type, for example, "Keep-Alive".

HTTP_COOKIE CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==" Returns the cookie string that was included with the request

HTTP_HOST andreas Returns the name of the Web server. This may or may not be the same as SERVER_NAME, depending on type of name resolution you are using on your Web server (IP address or host header).

HTTP_REFERER https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== Returns a string that contains the URL of the page that referred the request to the current page by using an HTML tag. Note that the URL is the one that the user typed into the browser address bar, which may not include the name of a default document. If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER is not a mandatory member of the HTTP specification

HTTP_USER_AGENT Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) Returns a string describing the browser that sent the request.

HTTP_VERSION HTTP/1.1 The name and version of the request protocol (the raw form of SERVER_PROTOCOL).

INSTANCE_ID 1 The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the Web server instance (in the metabase) to which the request belongs

INSTANCE_META_PATH /LM/W3SVC/1 The metabase path for the instance of IIS that responds to the request

LOCAL_ADDR 172.23.107.107 Returns the server address on which the request came in. This is important on computers where there can be multiple IP addresses bound to the computer, and you want to find out which address the request used

LOGON_USER The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.

PATH_INFO Additional path information, as given by the client. This consists of the trailing part of the URL after the script or ISAPI DLL name, but before the query string, if any

PATH_TRANSLATED C:\factorlink.dev\www\htdocs The value of PATH_INFO, but with any virtual path expanded into a directory specification

QUERY_STRING AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA The information that follows the first question mark in the URL that referenced this script

REMOTE_ADDR 172.23.107.107 The IP address of the client or agent of the client (for example gateway, proxy, or firewall) that sent the request

REMOTE_HOST 172.23.107.107 The host name of the client or agent of the client (for example, gateway, proxy or firewall) that sent the request if reverse DNS is enabled. Otherwise, this value is set to the IP address specified by REMOTE_ADDR

REMOTE_PORT 1380 The client port number of the TCP connection

REMOTE_USER The user name supplied by the client and authenticated by the server. This comes back as an empty string when the user is anonymous

REQUEST_METHOD The HTTP request method verb.

SCRIPT_NAME The name of the script program being executed

SCRIPT_TRANSLATED The canonical physical path to the script listed in SCRIPT_NAME, for example, "\\?\c:\inetpub\wwwroot\vdir\default.asp".

SERVER_NAME The server's host name, or IP address, as it should appear in self-referencing URLs.

SERVER_PORT The TCP/IP port on which the request was received

SERVER_PORT_SECURE A string of either 0 or 1. If the request is being handled on the secure port, then this will be 1. Otherwise, it will be 0

SERVER_PROTOCOL The name and version of the information retrieval protocol relating to this request.

SERVER_SOFTWARE The name and version of the Web Server under which the ISAPI extension DLL program is running

SSI_EXEC_DISABLED Returns a 1 if the server-side include directive, #exec, is disabled. Otherwise, SSI_EXE_DISABLED returns a 0. To enable or disable #exec, use the SSIExecDisablemetabase property.

UNENCODED_URL Returns the raw, unencoded URL, for example, "/vdir/default.asp?querystring".

UNMAPPED_REMOTE_USER The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name.

URL The base portion of the URL. Parameter values will not be included. The value is determined when the Web Server parses the URL from the header

Output of a CGI / server variable "echo" program written in Magic and invoked with 9.4 CGI requester:

Value Description

ALL_HTTP All HTTP headers sent by the client.

ALL_RAW All headers in raw form. The header names and values appear as they are sent by the client

APPL_MD_PATH Retrieves the metabase path of the application.

APPL_PHYSICAL_PATH Retrieves the physical path corresponding to the metabase path in APPL_MD_PATH.

APP_POOL_ID Returns the name of the application pool that is running in the IIS worker process that is handling the request.

AUTH_PASSWORD The value entered in the client's authentication dialog. This variable is only available if Basic authentication is used

AUTH_TYPE The type of authentication used. If the string is empty, then no authentication is used. Possible values are Basic or NTLM

AUTH_USER The value entered in the client's authentication dialog box

CACHE_URL For use in ISAPI applications only. Returns the unambiguous name for the current URL. It is necessary to use the Unicode version of this variable in conjunction with the kernel mode cache invalidation function to evict entries placed in the cache by HSE_REQ_VECTOR_SEND

CERT_COOKIE 455a84e84b12be870d80109937f91d63 Unique ID for the client certificate, returned as a string. This can be used as a signature for the whole client certificate

CERT_FLAGS 1 If bit0 is set to 1, a client certificate is present. If bit1 is set to 1, the certification authority (CA) of the client certificate is invalid. That is, it is not on this server's list of recognized CAs

CERT_ISSUER C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte Personal Freemail Issuing CA The issuer field of the client certificate.

CERT_KEYSIZE The number of bits in the Secure Sockets Layer (SSL) connection key size

CERT_SECRETKEYSIZE The number of bits in the server certificate private key

CERT_SERIALNUMBER 7c-2c-76-fc-01-14-6f-3e-56-65-a2-c8-a5-35-90-ec The serial-number field of the client certificate

CERT_SERVER_ISSUER The issuer field of the server certificate.

CERT_SERVER_SUBJECT The subject field of the server certificate

CERT_SUBJECT CN=Thawte Freemail Member, E=sedlmeier@hotmail.com The subject field of the client certificate.

CONTENT_LENGTH The number of bytes of data that the script or extension can expect to receive from the client. This total does not include headers

CONTENT_TYPE The content type of the information supplied in the body of a POST request

GATEWAY_INTERFACE The revision of the CGI specification used by the server. The format is CGI/revision

HTTPS on On if the request came in through secure channel (with SSL encryption), or off if the request is for an unsecure channe

HTTPS_KEYSIZE 128 Number of bits in the SSL connection key size. For example, 128.

HTTPS_SECRETKEYSIZE 4096 The number of bits in server certificate private key

HTTPS_SERVER_ISSUER C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS SEDLMEIER CONSULTING, OU=IT, CN=ANDREAS' TEST CA, E=sedlmeier@hotmail.com The issuer field of the server certificate

HTTPS_SERVER_SUBJECT C=DE, S=BAVARIA, L=MUNICH, O=Andreas Sedlmeier Consulting Services, OU=IT, CN=andreas The subject field of the server certificate

HTTP_ACCEPT image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, */* The Accept header

HTTP_ACCEPT_ENCODING gzip, deflate Returns a list of accepted encoding types, for example, "gzip, deflate".

HTTP_ACCEPT_LANGUAGE en-us,de;q=0.5 Returns a string describing the language to use for displaying content.

HTTP_CONNECTION Keep-Alive Returns a string describing the connection type, for example, "Keep-Alive".

HTTP_COOKIE CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==" Returns the cookie string that was included with the request

HTTP_HOST andreas Returns the name of the Web server. This may or may not be the same as SERVER_NAME, depending on type of name resolution you are using on your Web server (IP address or host header).

HTTP_REFERER https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== Returns a string that contains the URL of the page that referred the request to the current page by using an HTML tag. Note that the URL is the one that the user typed into the browser address bar, which may not include the name of a default document. If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER is not a mandatory member of the HTTP specification

HTTP_USER_AGENT Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) Returns a string describing the browser that sent the request.

HTTP_VERSION The name and version of the request protocol (the raw form of SERVER_PROTOCOL).

INSTANCE_ID 1 The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the Web server instance (in the metabase) to which the request belongs

INSTANCE_META_PATH The metabase path for the instance of IIS that responds to the request

LOCAL_ADDR 172.23.107.107 Returns the server address on which the request came in. This is important on computers where there can be multiple IP addresses bound to the computer, and you want to find out which address the request used

LOGON_USER The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.

PATH_INFO Additional path information, as given by the client. This consists of the trailing part of the URL after the script or ISAPI DLL name, but before the query string, if any

PATH_TRANSLATED C:\factorlink.dev\www\htdocs The value of PATH_INFO, but with any virtual path expanded into a directory specification

QUERY_STRING AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA The information that follows the first question mark in the URL that referenced this script

REMOTE_ADDR 172.23.107.107 The IP address of the client or agent of the client (for example gateway, proxy, or firewall) that sent the request

REMOTE_HOST 172.23.107.107 The host name of the client or agent of the client (for example, gateway, proxy or firewall) that sent the request if reverse DNS is enabled. Otherwise, this value is set to the IP address specified by REMOTE_ADDR

REMOTE_PORT The client port number of the TCP connection

REMOTE_USER The user name supplied by the client and authenticated by the server. This comes back as an empty string when the user is anonymous

REQUEST_METHOD The HTTP request method verb.

SCRIPT_NAME The name of the script program being executed

SCRIPT_TRANSLATED The canonical physical path to the script listed in SCRIPT_NAME, for example, "\\?\c:\inetpub\wwwroot\vdir\default.asp".

SERVER_NAME The server's host name, or IP address, as it should appear in self-referencing URLs.

SERVER_PORT The TCP/IP port on which the request was received

SERVER_PORT_SECURE A string of either 0 or 1. If the request is being handled on the secure port, then this will be 1. Otherwise, it will be 0

SERVER_PROTOCOL The name and version of the information retrieval protocol relating to this request.

SERVER_SOFTWARE The name and version of the Web Server under which the ISAPI extension DLL program is running

SSI_EXEC_DISABLED Returns a 1 if the server-side include directive, #exec, is disabled. Otherwise, SSI_EXE_DISABLED returns a 0. To enable or disable #exec, use the SSIExecDisablemetabase property.

UNENCODED_URL Returns the raw, unencoded URL, for example, "/vdir/default.asp?querystring".

UNMAPPED_REMOTE_USER The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name.

URL The base portion of the URL. Parameter values will not be included. The value is determined when the Web Server parses the URL from the header

See also
- The Common Gateway Interface∞
- RFC 1867 - Form-based File Upload in HTML - with eDeveloper (which contains the sample program to generate above sample output)

CategoryWeb

Name	Value	Description
ALL_HTTP	HTTP_ACCEPT:image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, / HTTP_ACCEPT_LANGUAGE:en-us,de;q=0.5 HTTP_CONNECTION:Keep-Alive HTTP_HOST:andreas HTTP_REFERER:https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) HTTP_COOKIE:CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==" HTTP_UA_CPU:x86 HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_X_REWRITE_URL:/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA	All HTTP headers sent by the client.
ALL_RAW	Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, / Accept-Language: en-us,de;q=0.5 Connection: Keep-Alive Host: andreas Referer: https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A== User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1) Cookie: CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==" UA-CPU: x86 Accept-Encoding: gzip, deflate X-Rewrite-URL: /Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA	All headers in raw form. The header names and values appear as they are sent by the client
APPL_MD_PATH		Retrieves the metabase path of the application.
APPL_PHYSICAL_PATH		Retrieves the physical path corresponding to the metabase path in APPL_MD_PATH.
APP_POOL_ID		Returns the name of the application pool that is running in the IIS worker process that is handling the request.
AUTH_PASSWORD		The value entered in the client's authentication dialog. This variable is only available if Basic authentication is used
AUTH_TYPE		The type of authentication used. If the string is empty, then no authentication is used. Possible values are Basic or NTLM
AUTH_USER		The value entered in the client's authentication dialog box
CACHE_URL		For use in ISAPI applications only. Returns the unambiguous name for the current URL. It is necessary to use the Unicode version of this variable in conjunction with the kernel mode cache invalidation function to evict entries placed in the cache by HSE_REQ_VECTOR_SEND
CERT_COOKIE	455a84e84b12be870d80109937f91d63	Unique ID for the client certificate, returned as a string. This can be used as a signature for the whole client certificate
CERT_FLAGS	1	If bit0 is set to 1, a client certificate is present. If bit1 is set to 1, the certification authority (CA) of the client certificate is invalid. That is, it is not on this server's list of recognized CAs
CERT_ISSUER	C=ZA, O=Thawte Consulting (Pty) Ltd., CN=Thawte Personal Freemail Issuing CA	The issuer field of the client certificate.
CERT_KEYSIZE	128	The number of bits in the Secure Sockets Layer (SSL) connection key size
CERT_SECRETKEYSIZE	4096	The number of bits in the server certificate private key
CERT_SERIALNUMBER	7c-2c-76-fc-01-14-6f-3e-56-65-a2-c8-a5-35-90-ec	The serial-number field of the client certificate
CERT_SERVER_ISSUER	C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS SEDLMEIER CONSULTING, OU=IT, CN=ANDREAS' TEST CA, E=sedlmeier@hotmail.com	The issuer field of the server certificate.
CERT_SERVER_SUBJECT	C=DE, S=BAVARIA, L=MUNICH, O=Andreas Sedlmeier Consulting Services, OU=IT, CN=andreas	The subject field of the server certificate
CERT_SUBJECT	CN=Thawte Freemail Member, E=sedlmeier@hotmail.com	The subject field of the client certificate.
CONTENT_LENGTH		The number of bytes of data that the script or extension can expect to receive from the client. This total does not include headers
CONTENT_TYPE		The content type of the information supplied in the body of a POST request
GATEWAY_INTERFACE		The revision of the CGI specification used by the server. The format is CGI/revision
HTTPS	on	On if the request came in through secure channel (with SSL encryption), or off if the request is for an unsecure channe
HTTPS_KEYSIZE	128	Number of bits in the SSL connection key size. For example, 128.
HTTPS_SECRETKEYSIZE	4096	The number of bits in server certificate private key
HTTPS_SERVER_ISSUER	C=DE, S=BAVARIA, L=MUNICH, O=ANDREAS SEDLMEIER CONSULTING, OU=IT, CN=ANDREAS' TEST CA, E=sedlmeier@hotmail.com	The issuer field of the server certificate
HTTPS_SERVER_SUBJECT	C=DE, S=BAVARIA, L=MUNICH, O=Andreas Sedlmeier Consulting Services, OU=IT, CN=andreas	The subject field of the server certificate
HTTP_ACCEPT	image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, application/x-quickviewplus, /	The Accept header
HTTP_ACCEPT_ENCODING	gzip, deflate	Returns a list of accepted encoding types, for example, "gzip, deflate".
HTTP_ACCEPT_LANGUAGE	en-us,de;q=0.5	Returns a string describing the language to use for displaying content.
HTTP_CONNECTION	Keep-Alive	Returns a string describing the connection type, for example, "Keep-Alive".
HTTP_COOKIE	CVLANG=GB; sess_id="gBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A=="	Returns the cookie string that was included with the request
HTTP_HOST	andreas	Returns the name of the Web server. This may or may not be the same as SERVER_NAME, depending on type of name resolution you are using on your Web server (IP address or host header).
HTTP_REFERER	https://andreas/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA200_01&ARGUMENTS=-AgBCnMKMkb4nc-yObt2df4jLJ9S7UDDWq5zIf2kVIy0x1gbihbH879A==	Returns a string that contains the URL of the page that referred the request to the current page by using an HTML tag. Note that the URL is the one that the user typed into the browser address bar, which may not include the name of a default document. If the page is redirected, HTTP_REFERER is empty. HTTP_REFERER is not a mandatory member of the HTTP specification
HTTP_USER_AGENT	Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; iOpus-I-M; Arcor 5.005; FunWebProducts; .NET CLR 1.1.4322; .NET CLR 2.0.50727; InfoPath.1)	Returns a string describing the browser that sent the request.
HTTP_VERSION	HTTP/1.1	The name and version of the request protocol (the raw form of SERVER_PROTOCOL).
INSTANCE_ID	1	The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the Web server instance (in the metabase) to which the request belongs
INSTANCE_META_PATH	/LM/W3SVC/1	The metabase path for the instance of IIS that responds to the request
LOCAL_ADDR	172.23.107.107	Returns the server address on which the request came in. This is important on computers where there can be multiple IP addresses bound to the computer, and you want to find out which address the request used
LOGON_USER		The Windows account that the user is impersonating while connected to your Web server. Use REMOTE_USER, UNMAPPED_REMOTE_USER, or AUTH_USER to view the raw user name that is contained in the request header. The only time LOGON_USER holds a different value than these other variables is if you have an authentication filter installed.
PATH_INFO		Additional path information, as given by the client. This consists of the trailing part of the URL after the script or ISAPI DLL name, but before the query string, if any
PATH_TRANSLATED	C:\factorlink.dev\www\htdocs	The value of PATH_INFO, but with any virtual path expanded into a directory specification
QUERY_STRING	AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA	The information that follows the first question mark in the URL that referenced this script
REMOTE_ADDR	172.23.107.107	The IP address of the client or agent of the client (for example gateway, proxy, or firewall) that sent the request
REMOTE_HOST	172.23.107.107	The host name of the client or agent of the client (for example, gateway, proxy or firewall) that sent the request if reverse DNS is enabled. Otherwise, this value is set to the IP address specified by REMOTE_ADDR
REMOTE_PORT	1380	The client port number of the TCP connection
REMOTE_USER		The user name supplied by the client and authenticated by the server. This comes back as an empty string when the user is anonymous
REQUEST_METHOD		The HTTP request method verb.
SCRIPT_NAME		The name of the script program being executed
SCRIPT_TRANSLATED		The canonical physical path to the script listed in SCRIPT_NAME, for example, "\\?\c:\inetpub\wwwroot\vdir\default.asp".
SERVER_NAME		The server's host name, or IP address, as it should appear in self-referencing URLs.
SERVER_PORT		The TCP/IP port on which the request was received
SERVER_PORT_SECURE		A string of either 0 or 1. If the request is being handled on the secure port, then this will be 1. Otherwise, it will be 0
SERVER_PROTOCOL		The name and version of the information retrieval protocol relating to this request.
SERVER_SOFTWARE		The name and version of the Web Server under which the ISAPI extension DLL program is running
SSI_EXEC_DISABLED		Returns a 1 if the server-side include directive, #exec, is disabled. Otherwise, SSI_EXE_DISABLED returns a 0. To enable or disable #exec, use the SSIExecDisablemetabase property.
UNENCODED_URL		Returns the raw, unencoded URL, for example, "/vdir/default.asp?querystring".
UNMAPPED_REMOTE_USER		The name of the user as it is derived from the authorization header sent by the client, before the user name is mapped to a Windows account. This variable is no different from REMOTE_USER. If you have an authentication filter installed on your Web server that maps incoming users to accounts, use LOGON_USER to view the mapped user name.
URL		The base portion of the URL. Parameter values will not be included. The value is determined when the Web Server parses the URL from the header

Magic Wiki-Wakka : InternetServerVariables

" HTTP_UA_CPU:x86 HTTP_ACCEPT_ENCODING:gzip, deflate HTTP_X_REWRITE_URL:/Magic94Scripts/MGrqispi94.dll?AppName=FileUpload&PrgName=ICA500_10&ARGUMENTS=-AA </td>

" </td>

Web Server Variables and CGI environment variables

Preparing your Magic & Internet application to receive environemnet and server variables HttpVars

Examples and list of possible CGI environment / Sever-variables

See also