Chapter 13. Server Side Includes

Server Side Includes (SSI) are directives you can place into an HTML document to execute other programs or to output data, such as file statistics or the contents of environment variables. SSI directives can save you the trouble of writing complete CGI programs to output documents containing a small amount of dynamic information. While Server Side Includes aren't technically CGI, they can be an important tool for incorporating CGI-like information as well as output from CGI programs.

In addition to output of specific directives, SSI can use conditional expressions to evaluate portions of documents. This extended SSI functionality is available in Apache 1.2 and later.

When a client requests a document from an SSI-enabled server and the document is coded appropriately, the server parses the specified document looking for SSI directives. We've already considered the advantages to this system; there are also a couple of liabilities. First, parsing documents before sending them to the client represents additional server overhead. Second, enabling SSI can create a security risk. For example, an unwise user might embed directives to execute system commands that output confidential information. In short, SSI can be very handy, but it must be used cautiously and efficiently.

This chapter summarizes the Server Side Includes directives and the extended expression syntax. There aren't many directives, but they perform some useful CGI-like operations and can spare you quite a bit of coding.