Request Object of Classic ASP

On the time of your surfing to an address that starts with HTTP, the server you're visiting treats that as an "HTTP request". Here, in fact you are "requesting" that a particular web page is displayed to you. The same applies to any http hyperlinks that you click. A lot more information is being passed back and forth, between your PC and the server of the site you're visiting, than you may be aware of. This chunk of data is called a "request object". Along with the URL you've requested, information about your browser, IP address, the last URL you visited and more is being sent along with your request to view a particular web page. On the flip side, in addition to the web page you requested, the server also sends back server-related information in the same request object. The Request Object receives the values that the client's browser passed to the server during an HTTP request. And this request is forwarded.

All this data gets passed in the HTTP request. No matter, Whether it was posted via an online form you filled in ..or.. embedded in the URL as name-value pairs, it all ends up in the Request object. How does that happen, you wonder? That's a helpful feature of Microsoft IIS (internet information services), whereas systems/languages such as Unix/Perl must parse/extract that information manually from there.

The Request Object has several "collections" to make life a little simpler. A collection is just a fancy word for grouping, segregating or classifying all of the information that's being exchanged. For example, input-capable fields on a form that is sent via "method=post" end up in collection "Form", while name-value pairs sent in the URL (or from a form sent via "method=get") end up in collection "QueryString", etc.

Query String: The values of variables in the HTTP query string.

Client Certificate: The values of fields stored in the client certificate that is sent in the HTTP request.

Form: The values of form elements in the HTTP request body.

Server Variables: The values of predetermined server/environment variables.

Cookies: The values of cookies sent in the HTTP request.

See the syntax:

Request[.collection|property|method](variable)

Here all request object variables can be accessed directly by calling Request(variable) without the collection name. In this case, the Web server searches the collections in the following way:

I. Query String

ii.Form

iii.Cookies

Iv.Client Certificate

V.Server Variables

The Request object returns the first instance encountered if a variable with the same name exists in more than one collection. It is strongly recommended that, when referring to members of the ServerVariables collection, the full name be used.

Eg:Rather than Request("AUTH_USER") use

Request.ServerVariables("AUTH_USER").

There is a script that will display the Request Form collection followed by the ServerVariables collection. Save this script as "view_request.asp". To see it work, code your form to have:

ACTION="view_request.asp"

<%@LANGUAGE="VBSCRIPT"%>

<% option explicit %>

' Written by Paul DeBrino of Infinity Research and Development, Inc. (infinity-rd.com)

' Dumps all name-value pairs from POST action, then follows that with server variables.

' Sample of how to ensure visitor arriving on SSL secure channel:

' If (Request.ServerVariables("HTTPS") = "off") Then

' Response.Redirect "https://" + Request.ServerVariables("SERVER_NAME") _

' + Request.ServerVariables("PATH_INFO")

' End If

Hello visitor from IP <%= Request.ServerVariables("REMOTE_ADDR") %>

Your browser identified itself as <%=

Request.ServerVariables("HTTP_USER_AGENT") %>.

<TR>

<TD>Form Variable</TD>

<TD>Value</TD>

</TR>

Dim Item

For Each Item In Request.Form

<TR>

</TR>

<% Next %>

</TABLE>

<TR>

<TD>Server Variable</TD>

<TD>Value</TD>

</TR>

<% For Each Item In Request.ServerVariables %>

<TR>

<TD><%= Request.ServerVariables(Item)

%> </TD>

</TR>

<% Next %>

</TABLE>

Have a nice time!