Home

ASP ADVANCED

Both browser requests and server responses include headers.  Headers provide additional information about the content of a request or a response.  They can also contain information about the browser making the request or the server providing the response.

Active Server Pages includes a number of collections and methods that can help you manipulate headers.  Some of these methods are targeted at a particular task, such as providing a Web page with a content rating or providing an expiration date for the Web page.  Other methods and collections allow you to manipulate headers in general.  The following sections explain how to use the methods and collections that affect headers.

Retrieving Headers

When a browser requests a Web page from a server, the request includes a number of headers.  You can retrieve these headers by using the serverVariables collection of the Request object.  The ServerVariables collection contains both headers and additional items of information about the server.  The following Active Server Page dumps all the contents of the ServerVariables collection to the browser window (see Figure Below):-

<HTML>
<HEAD><TITLE>Server Variables</TITLE></HEAD>
<BODY>
<%
FOR EACH name IN Request.ServerVariables
Response.write("<P><B>"&name&"</B>:")
Response.write(Request.ServerVariables(name))
NEXT
%>
</BODY>
</HTML>

The ServerVariables collection

The ServerVariables collection

The headers (and server variables) in the ServerVariables collection hold a wide assortment of different types of information.  Appendix A, "Quick ASP Object and Component Reference," contains a list of the standard headers and server variables in this collection.  The following list explains the more useful ones:

  • HTTP_REFERER.  When someone has arrived at the current page by clicking a hyperlink, this header contains the Internet address of the referring page.  The HTTP_REFERER header is extremely valuable for determining how the visitors to your Web site arrived there.  For example, if you want to know the number of people who arrived at your Web site by using Yahoo!, you could use the HTTP-REFERER header to determine this information.

  • HTTP_USER_AGENT.  This header indicates the type of Web browser a visitor to your Web site is using.  This information is valuable when you need to determine the Web browser used most often by the target audience of your Web site.

  • REMOTE_ADDR.  This header contains the IP address of a visitor to your Web site.  The IP address can be interpreted to provide information about the origins of the visitors to your Web site.  For example, you can use this header to determine how many people are visiting your Web site from MIT or America Online.

  • QUERY_STRING. The QUERY_STRING server variable contains the portion of the URL after the question mark.  This variable contains the complete query string.  Chapter 15, "Working with More Than One Active Server Page," details methods for use, with query strings.

  • SCRIPT_NAME.  This server variable contains the virtual path of the current Active Server Page.  You can use this variable for self-referencing pages.

  • SERVER_NAME.  This server variable contains the Internet address of the server.

  • PATH-TRANSLATED.  This server variable contains the physical path of the current Active Server Page.

Certain versions of Internet Explorer (such as versions 3.0 and 4.0 in Windows 95) contain additional headers in their requests:

  • HTTP_ UA_ COLOR.  This header indicates the number of colors that the browser can display.

  • HTTP_UA_CPU.  This header indicates the type of machine being used to execute the browser.

  • HTTP-UA-OS.  This header indicates the operating system of the computer executing the browser.

  • HTTP_UA_PIXELS.  This header indicates the screen resolution being used on the computer executing the browser.

You can retrieve the contents of a particular header or server variable by passing its name to the ServerVariables collection.  For example, the following script (continued on the next page) allows a user to access the page only if he or she arrived from the Active Server Page named origin.asp:

<HTML>
<HEAD><TITLE>Server Variables</TITLE></HEAD>
<BODY>
WhereFrom=request.ServerVariables("HTTP_REFERER")
If WhereFrom="http://www.mysite.com/origin.asp" THEN
%>
Welcome to this Page!
<%
ELSE
%>
You are not authorized to view this page!
<%
END IF
%>
</BODY>
</HTML>

In this script, the HTTP_REFERER header determines the page the visitor used to link to the current page.  If the user didn't arrive from the page located at http://mysite/origin.asp, he or she isn't allowed to view the contents of the page.

Using Headers to Control How a Page Is Cached

Proxy servers are used to reduce the amount of time needed to retrieve a Web page over the Internet.  Proxy servers keep local copies of Web pages in a cache; when someone requests a Web page, it can be retrieved from the proxy rather than from the original server.

From the point of view of Active Server Pages, however, proxy servers are an evil nuisance.  The whole point of an Active Server Page is to display dynamic content.  In other words, an Active Server Page can display content that changes every time it's viewed.  You don't want a proxy server to respond with stale copies of your Active Server Pages.

By default, proxy servers should not cache your Active Server Pages.  The ASP CACHE -CONTROL General header provides directives for how proxy servers should cache Web pages.  When you use Active Server Pages, by default, this header directs proxy servers not to cache your pages.  However, you can override this default behavior.  If for some odd reason you want proxy servers to cache your Active Server Pages, you can modify the CacheControl property of the Response object.  Add the following line to the top of an Active Server Page to allow the page to be cached by proxy servers:

<% Response.CacheControl="Public" %>

You can also indicate how you want Web browsers to cache your Active Server Pages.  Browsers commonly have memory and disk caches.  Two properties of the Response object control how browsers cache your web pages.  By using the Expires property of the response object, you can specify the amount of time in minutes that a browser should use a cached copy of a Web page.  If you set this property to 0, the browser won't cache the Active Server Page at all.  Here's an example:

<% Response.Expires=0 %>

You can also specify an absolute date and time when a cached copy of an Active Server Page should expire.  When you do this, the Web browser will continue to use a cached copy of the Active Server Page until this date and time arrives.  The following example directs browsers to cache a page until the year 1998:

<% Response.ExpiresAbsolute=#Jan 1,1998 00:00:00# %>

Using Headers to Specify Content Rating

The Platform for Internet Content Selection (PICS) provides a standard way to label the content of a Web page or a whole Web site.  For example, you can use PICS labels to indicate the level of violence or sexual explicitness of the content of a Website.

PICS itself is not a rating service. PICS is a specification for the format of content labels. The PICS standard is intended to be compatible with the decentralized culture of the Web.  The idea is that many different rating services can use PICS to label Web sites according to their own standards.  For example, the Parent-Teacher Association might use PICS to label Web sites in a very different way than an organization such as a Beavis and Butt-Head fan club.

The decision of which rating service to use is left in the hands of the individual.  In theory, an individual could select the rating service that reflects his or her personal tastes.  This is the vision, anyway.  Currently, only one rating service is widely supported.  Internet Explorer versions 3.0 and above support the PICS standard.  However, by default, the only rating service it uses is the one provided by the Recreational Software Advisory Council (RSAC).  This is the same organization that places ratings on computer games.  RSAC uses a rating system that has four categories.  You can rate your site according to its level of violence, nudity, sex, and language.  For each category, you can specify a level between I and 5.

The user can configure Internet Explorer to block Web sites that don't meet particular content preferences.  For example, someone can indicate that he or she wants all sites blocked that use stronger language than mild expletives.  The browser can also be configured to block all sites that haven't been given a content rating. (Of course, at this time, this would also block the vast majority of sites on the Internet.)

To receive an RSAC rating for your Web site, register the site with RSAC. (Currently there's no fee for this service.) The RSAC Web site is located at http://www.rsac.org.  Once there, answer a series of questions about the content of your web site 

At the end of the process, you're supplied with a PICS label.  For example, the ASP Site Web site (the companion Web site for this book) received the following PICS label:

(PICS-1.1 "http://www.rsac.org/ratingsv01.html" l gen true
-comment "RSACI North America Server"
-by "Walther@aspsite.com"
-for "http://www.aspsite.com"
-on "1997.08.10T02:04-0800" r (n 0 s 0 v 0 l 0))

After you have a PICS label for the Web Site, you need to include the label in the pics- label header of your home page.  There's a special property of the Response object for this particular purpose.  You can use the PICS property to add a PICS label to the correct header.  Here's an example:

<% Response.PICS("(PICS-1.1"&CHR(34)
-& "http://www.rsac.org/ratingsv01.html"&CHR(34)
-& "l gen true comment "&CHR(34)
-& "RSACI North America Server"&CHR(34)
-& " by "&CHR(34)&"walther@aspsite.com"
-&CHR(34)&" for "&CHR(34)
-& "http://www.aspsite.com"&CHR(34)&" on &CHR(34)
-& "1997.08.10T02:04-0800"&CHR(34)
-& "r (n 0 s 0 v 0 l 0)) ") %>

This method of adding a PICS label is extremely cumbersome.  You must include the whole PICS label in one unbroken line.  Furthermore, you must specify all quotation marks by using CHR (34).  Fortunately, an easier way to add a PICS label is available.  You can simply include the following HTML tag in the head of your HTML document:

<META http-equiv="PICS-Label"
content=' (PICS-1.1 "http://www.rsac.org/ratingsv01.html" l gen true
comment "RSACI North America Server" by "walther2@ix.netcom.com"
for "http://www.aspsite.com"
on "1997.08.10TO2:04-0800" r (n 0 s 0 v 0 l 0)) ' >

The META http-equiv HTML tag is used to specify a response header within an HTML document.  This method of specifying the PICS label accomplishes the same thing as the previous example.  However, when using the META tag, you don't have to worry about placing everything on a single line or not using quotation marks.