Jump to content

Server Side Includes

From Wikipedia, the free encyclopedia
(Redirected from Server side include)

Server Side Includes (SSI) is a simple interpreted server-side scripting language used almost exclusively for the World Wide Web. It is most useful for including the contents of one or more files into a web page on a web server (see below), using its #include directive. This could commonly be a common piece of code throughout a site, such as a page header, a page footer and a navigation menu. SSI also contains control directives for conditional features and directives for calling external programs. It is supported by Apache, LiteSpeed, nginx, IIS as well as W3C's Jigsaw.[1] It has its roots in NCSA HTTPd.[2]

In order for a web server to recognize an SSI-enabled HTML file and therefore carry out these instructions, either the filename should end with a special extension, by default .shtml, .stm, .shtm, or, if the server is configured to allow this, set the execution bit of the file.[3]



As a simple programming language, SSI supports only one type: text. Its control flow is rather simple, choice is supported, but loops are not natively supported and can only be done by recursion using include or using HTTP redirect.[a] The simple design of the language makes it easier to learn and use than most server-side scripting languages, while complicated server-side processing is often done with one of the more feature-rich programming languages. SSI is Turing complete.[4]

SSI has a simple syntax: <!--#directive parameter=value parameter=value -->. Directives are placed in HTML comments so that if SSI is not enabled, users will not see the SSI directives on the page, unless they look at its source. Note that the syntax does not allow spaces between the leading "<!--" and the directive. Apache tutorial on SSI stipulates the format requires a space character before the "-->" that closes the element.[5]



A web page containing a daily quotation could include the quotation by placing the following code into the file of the web page:

<!--#include virtual="../quote.txt" -->

With one change of the quote.txt file, all pages that include the file will display the latest daily quotation. The inclusion is not limited to files, and may also be the text output from a program, or the value of a system variable such as the current time.





The following are SSI directives from the times of NCSA HTTPd (the 1990s).[2] Some implementations do not support all of them.[6]

NCSA HTTPd SSI directives
Directive Parameters Description Example
include file or virtual This is probably the most used SSI directive. It allows the content of one document to be transcluded in another. The included document can itself be another SSI-enabled file. The file or virtual parameters specify the file (HTML page, text file, script, etc.) to be included. NCSA HTTPd did not support CGI via include,[2] but later Apache HTTPd does.[7] If the process does not have access to read the file or execute the script, the include will fail. The parameter "virtual" handles any directory paths as if part of the URL, while "file" handles any directory paths as in the underlying filesystem. When using "file" it is forbidden to reference absolute paths or ../ to access a parent directory. The Apache documentation recommends using "virtual" in preference to "file".[7]
<!--#include virtual="menu.cgi" -->
<!--#include file="footer.html" -->
exec cgi or cmd This directive executes a program, script, or shell command on the server. The cmd parameter specifies a server-side command; the cgi parameter specifies the path to a CGI script. The PATH_INFO and QUERY_STRING of the current SSI script will be passed to the CGI script, as a result "exec cgi" should be used instead of "include virtual".[citation needed]
<!--#exec cgi="/cgi-bin/foo.cgi" -->
<!--#exec cmd="ls -l" -->
echo var This directive displays the contents of a specified HTTP environment variable. Variables include HTTP_USER_AGENT, LAST_MODIFIED, and HTTP_ACCEPT.[citation needed]
Your IP address is:
<!--#echo var="REMOTE_ADDR" -->
config timefmt, sizefmt, or errmsg This directive configures the display formats for the date, time, filesize, and error message (returned when an SSI command fails).
<!--#config timefmt="%y %m %d" -->
<!--#config sizefmt="bytes" -->
<!--#config errmsg="SSI command failed!" -->
flastmod and fsize file or virtual These directives display the date when the specified document was last modified, or the specified document's size. The file or virtual parameters specify the document to use. The file parameter defines the document as relative to the document path; the virtual parameter defines the document as relative to the document root.
<!--#flastmod virtual="index.html" -->
<!--#fsize file="script.pl" -->

Control directives


Control directives are later added to SSI. They include the ubiquitous if-elif-else-endif flow control and variable writing as well as more exotic features like loops only found in some implementations.

Directive Parameters Description Example Found in
  • if
  • elif
  • else
  • endif
expr The if statement. Used for condition tests that may determine and generate multiple logical pages from one single physical page. elif is a shorthand for nested else-if. else and endif do not accept parameters.

Expression syntax vary among implementations. Variable existence and equality/regex checks are commonly supported. Jigsaw uses expressions split over multiple attributes instead.[1]

<!--#if expr="${Sec_Nav}" -->
<!--#include virtual="secondary_nav.txt" -->
<!--#elif expr="${Pri_Nav}" -->
<!--#include virtual="primary_nav.txt" -->
<!--#else -->
<!--#include virtual="article.txt" -->
<!--#endif -->
set var, value Sets the value of a SSI variable. Apache provides additional parameters for encodings.[8]
<!--#set var="foo" value="bar" -->
Apache,[8] Nginx[9]
printenv   This directive outputs a list of all SSI variables and their values, including environmental and user-defined variables. It has no attributes.
<!--#printenv -->

See also



  1. ^ Nevertheless found in some implementations, including Jigsaw.


  1. ^ a b "SSI Commands". W3C. Retrieved 24 March 2019.
  2. ^ a b c "Server Side Includes (SSI)". NCSA HTTPd Tutorial. Archived from the original on 3 March 1997. Retrieved 24 March 2019.
  3. ^ "Configuring your server to permit SSI". Apache Tutorial: Introduction to Server Side Includes. The Apache Software Foundation. Retrieved 24 June 2015.
  4. ^ "Server Side Includes Turing machine, Jan Schejbal". Janschejbal.de. Retrieved 2012-12-06.
  5. ^ "Basic SSI Directives and Syntax". 2018-02-09. Retrieved 2018-02-09.
  6. ^ "Module ngx_http_ssi_module". nginx documentation. Retrieved 16 November 2021.
  7. ^ a b "Apache Module mod_include". Apache HTTP Server Version 2.4 Documentation. Apache Software Foundation. Retrieved 2021-09-07.
  8. ^ a b c "mod_include". Apache HTTP Server. Retrieved 25 March 2019.
  9. ^ "ngx_http_ssi_module". nginx.org. Retrieved 25 March 2019.