Sheerpower^®
A Guide to the Sheerpower Language

L.2.4 Custom HTTP Headers

By default, Sheerpower automatically builds the CGI required HTTP headers. But, sometimes there is a need to write out your own custom HTTP headers. For example, you might need to write out binary data, or perhaps send a cookie. Here is a sample routine that writes out a HTTP header:

routine start_http_output ask #cgi_ch, symbol 'env:PATH_INFO': value path_info$ print #cgi_ch: "HTTP/1.1 200 OK" print #cgi_ch: 'Cache-Control: max-age=2, must-revalidate' print #cgi_ch: "Content-type: text/html" print #cgi_ch: 'Referer: ' + path_info$ print #cgi_ch: "Pragma: no-cache" print #cgi_ch: print #cgi_ch: end routine

Note

When printing out binary data, include a trailing semi-colon at the end of the PRINT instruction:

print #cgi_ch: mybinary$; // notice the trailing semi-colon

L.2.5 Performance

The Sheerpower CGI interface was designed to very high performance. If the server it is running on has multiple CPUs, full advantage of the CPUs can be taken by running multiple copies of the same HANDLER. A good "rule of thumb" is to run at least two HANDLERS for each CPU on the server. Idle handlers consume very little cpu-time---less than 1/10th of 1% of available CPU-time for each idle handler.

L.2.6 Summary of CGI Environment Variables

The Sheerpower CGI interface allows full acccess to the SPINS webserver "environment variables". For example, to ask for the QUERY_STRING (the data that follows a "?" in a URL) you would use:

ask #cgi_ch, symbol 'env:QUERY_STRING': value qstring$

The "env:" symbol prefix tells Sheerpower that you are requesting an environment variable and not a form variable.

Table L-1 CGI Environment Variables
Variable Function

ALL_HTTP Retrieves all HTTP headers that were received. These variables are of the form HTTP_header field name. The headers consist of a null-terminated string with the individual headers separated by line feeds.

ALL_RAW Retrieves all headers in raw form. The header names and values appear as the client sends them. Currently, proxy servers and other similar applications primarily use this value.

APPL_MD_PATH Retrieves the metabase path of the application for the ISAPI DLL or the script.

APPL_PHYSICAL_PATH Retrieves the physical path that corresponds with the metabase path. SPINS maps the namespace to the physical directory path; this allows APPL_MD_PATH to return this value. This is a costly function (in run time) compared to getting just APPL_MD_PATH.

AUTH_PASSWORD Specifies the value entered in the client's authentication dialog. This variable is only available if Basic authentication is used.

AUTH_TYPE Specifies the type of authentication used. If the string is empty, then no authentication is used. Possible values are Kerberos, user, SSL/PCT, Basic, and integrated Windows authentication.

AUTH_USER Specifies the value entered in the client's authentication dialog box.

CERT_COOKIE Specifies a unique ID for a client certificate. Returned as a string. Can be used as a signature for the whole client certificate.

CERT_FLAGS If bit0 is set to 1, a client certificate is present. If bit1 is set to 1, the certification authority (CA) of the client certificate is invalid (that is, it is not on this server's list of recognized CAs).

CERT_ISSUER Specifies the issuer field of the client certificate. For example,the following codes might be O=MS, OU=IAS, CN=user name, C=USA, and so on.

CERT_KEYSIZE Specifies the number of bits in the Secure Sockets Layer (SSL) connection key size.

CERT_SECRETKEYSIZE Specifies the number of bits in the server certificate private key.

CERT_SERIALNUMBER Specifies the serial-number field of the client certificate.

CERT_SERVER_ISSUER Specifies the issuer field of the server certificate.

CERT_SERVER_SUBJECT Specifies the subject field of the server certificate.

CERT_SUBJECT Specifies the subject field of the client certificate.

CONTENT_LENGTH Specifies the number of bytes of data that the script or extension can expect to receive from the client. This total does not include headers.

CONTENT_TYPE Specifies the content type of the information supplied in the body of a POST request.

LOGON_USER The Windows account that the user is logged into.

HTTPS Returns on if the request came in through secure channel (with SSL encryption), or off if the request is for an unsecure channel.

HTTPS_KEYSIZE Specifies the number of bits in the SSL connection key size.

HTTPS_SECRETKEYSIZE Specifies the number of bits in server certificate private key.

HTTPS_SERVER_ISSUER Specifies the issuer field of the server certificate.

HTTPS_SERVER_SUBJECT Specifies the subject field of the server certificate.

INSTANCE_ID Specifies the ID for the server instance in textual format. If the instance ID is 1, it appears as a string. This value can be used to retrieve the ID of the Web-server instance, in the metabase, to which the request belongs.

INSTANCE_META_PATH Specifies the metabase path for the instance to which the request belongs.

PATH_INFO Specifies the additional path information, as given by the client. This consists of the trailing part of the URL after the script or ISAPI DLL name, but before the query string, if any.

PATH_TRANSLATED Specifies this is the value of PATH_INFO, but with any virtual path expanded into a directory specification.

QUERY_STRING Specifies the information that follows the first question mark in the URL that referenced this script.

REMOTE_ADDR Specifies the IP address of the client or agent of the client (for example gateway, proxy, or firewall) that sent the request.

REMOTE_HOST Specifies the host name of the client or agent of the client (for example, gateway, proxy or firewall) that sent the request if reverse DNS is enabled. Otherwise, this value is set to the IP address specified by REMOTE_ADDR.

REMOTE_USER Specifies the user name supplied by the client and authenticated by the server. This comes back as an empty string when the user is anonymous.

REQUEST_METHOD Specifies the HTTP request method verb.

SCRIPT_NAME Specifies the name of the script program being executed.

SERVER_NAME Specifies the server's host name, or IP address, as it should appear in self-referencing URLs.

SERVER_PORT Specifies the TCP/IP port on which the request was received.

SERVER_PORT_SECURE Specifies a string of either 0 or 1. If the request is being handled on the secure port, then this will be 1. Otherwise, it will be 0.

SERVER_PROTOCOL Specifies the name and version of the information retrieval protocol relating to this request.

SERVER_SOFTWARE Specifies the name and version of the Web server under which the ISAPI extension DLL program is running.

URL Specifies the base portion of the URL. Parameter values will not be included. The value is determined when SPINS parses the URL from the header.

**Table L-1 CGI Environment Variables**
Variable	Function
ALL_HTTP	Retrieves all HTTP headers that were received. These variables are of the form HTTP_header field name. The headers consist of a null-terminated string with the individual headers separated by line feeds.
ALL_RAW	Retrieves all headers in raw form. The header names and values appear as the client sends them. Currently, proxy servers and other similar applications primarily use this value.
APPL_MD_PATH	Retrieves the metabase path of the application for the ISAPI DLL or the script.
APPL_PHYSICAL_PATH	Retrieves the physical path that corresponds with the metabase path. SPINS maps the namespace to the physical directory path; this allows APPL_MD_PATH to return this value. This is a costly function (in run time) compared to getting just APPL_MD_PATH.
AUTH_PASSWORD	Specifies the value entered in the client's authentication dialog. This variable is only available if Basic authentication is used.
AUTH_TYPE	Specifies the type of authentication used. If the string is empty, then no authentication is used. Possible values are Kerberos, user, SSL/PCT, Basic, and integrated Windows authentication.
AUTH_USER	Specifies the value entered in the client's authentication dialog box.
CERT_COOKIE	Specifies a unique ID for a client certificate. Returned as a string. Can be used as a signature for the whole client certificate.
CERT_FLAGS	If bit0 is set to 1, a client certificate is present. If bit1 is set to 1, the certification authority (CA) of the client certificate is invalid (that is, it is not on this server's list of recognized CAs).
CERT_ISSUER	Specifies the issuer field of the client certificate. For example,the following codes might be O=MS, OU=IAS, CN=user name, C=USA, and so on.
CERT_KEYSIZE	Specifies the number of bits in the Secure Sockets Layer (SSL) connection key size.
CERT_SECRETKEYSIZE	Specifies the number of bits in the server certificate private key.
CERT_SERIALNUMBER	Specifies the serial-number field of the client certificate.
CERT_SERVER_ISSUER	Specifies the issuer field of the server certificate.
CERT_SERVER_SUBJECT	Specifies the subject field of the server certificate.
CERT_SUBJECT	Specifies the subject field of the client certificate.
CONTENT_LENGTH	Specifies the number of bytes of data that the script or extension can expect to receive from the client. This total does not include headers.
CONTENT_TYPE	Specifies the content type of the information supplied in the body of a POST request.
LOGON_USER	The Windows account that the user is logged into.
HTTPS	Returns on if the request came in through secure channel (with SSL encryption), or off if the request is for an unsecure channel.
HTTPS_KEYSIZE	Specifies the number of bits in the SSL connection key size.
HTTPS_SECRETKEYSIZE	Specifies the number of bits in server certificate private key.
HTTPS_SERVER_ISSUER	Specifies the issuer field of the server certificate.
HTTPS_SERVER_SUBJECT	Specifies the subject field of the server certificate.
INSTANCE_ID	Specifies the ID for the server instance in textual format. If the instance ID is 1, it appears as a string. This value can be used to retrieve the ID of the Web-server instance, in the metabase, to which the request belongs.
INSTANCE_META_PATH	Specifies the metabase path for the instance to which the request belongs.
PATH_INFO	Specifies the additional path information, as given by the client. This consists of the trailing part of the URL after the script or ISAPI DLL name, but before the query string, if any.
PATH_TRANSLATED	Specifies this is the value of PATH_INFO, but with any virtual path expanded into a directory specification.
QUERY_STRING	Specifies the information that follows the first question mark in the URL that referenced this script.
REMOTE_ADDR	Specifies the IP address of the client or agent of the client (for example gateway, proxy, or firewall) that sent the request.
REMOTE_HOST	Specifies the host name of the client or agent of the client (for example, gateway, proxy or firewall) that sent the request if reverse DNS is enabled. Otherwise, this value is set to the IP address specified by REMOTE_ADDR.
REMOTE_USER	Specifies the user name supplied by the client and authenticated by the server. This comes back as an empty string when the user is anonymous.
REQUEST_METHOD	Specifies the HTTP request method verb.
SCRIPT_NAME	Specifies the name of the script program being executed.
SERVER_NAME	Specifies the server's host name, or IP address, as it should appear in self-referencing URLs.
SERVER_PORT	Specifies the TCP/IP port on which the request was received.
SERVER_PORT_SECURE	Specifies a string of either 0 or 1. If the request is being handled on the secure port, then this will be 1. Otherwise, it will be 0.
SERVER_PROTOCOL	Specifies the name and version of the information retrieval protocol relating to this request.
SERVER_SOFTWARE	Specifies the name and version of the Web server under which the ISAPI extension DLL program is running.
URL	Specifies the base portion of the URL. Parameter values will not be included. The value is determined when SPINS parses the URL from the header.

Contents

Index

Sheerpower® A Guide to the Sheerpower Language

L.2.4 Custom HTTP Headers

L.2.5 Performance

L.2.6 Summary of CGI Environment Variables

Sheerpower^®
A Guide to the Sheerpower Language