An Overview of Classic ASP’s Request Object

by Paul DeBrino

The Request Object receives the values that the client’s browser passed to the server during
an HTTP request.

When you surf to an address that begins with HTTP, the server you’re visiting treats that as
an "HTTP request"; you are in fact "requesting" that a particular web
page is displayed to you. The same applies to any http hyperlinks that you click. A lot
more information is being passed back and forth, between your PC and the server of the site
you’re visiting, than you may be aware of. This chunk of data is called a "request
object". Along with the URL you’ve requested, information about your browser, IP
address, the last URL you visited and more is being sent along with your request to view
a particular web page. On the flip side, in addition to the web page you requested, the
server also sends back server-related information in the same request object.

All this data gets passed in the HTTP request (a.k.a Request Object). Whether it was posted
via an online form you filled in ..or.. embedded in the URL as name-value pairs, it all ends
up in the Request object. How does that happen, you wonder? That’s a helpful feature of
Microsoft IIS (internet information services), whereas systems/languages such as Unix/Perl
must parse/extract that information manually.

To make life a little simpler, the Request Object has several "collections". A
collection is just a fancy word for grouping, segregating or classifying all of the
information that’s being exchanged. For example, input-capable fields on a form that
is sent via "method=post" end up in collection "Form", while name-value
pairs sent in the URL (or from a form sent via "method=get") end up in collection
"QueryString", etc.

  • ClientCertificate: The values of fields stored in the client certificate that is sent in the HTTP request.
  • Cookies: The values of cookies sent in the HTTP request.
  • Form: The values of form elements in the HTTP request body.
  • QueryString: The values of variables in the HTTP query string.
  • ServerVariables: The values of predetermined server/environment variables.

The syntax is:

All request object variables can be accessed directly by calling Request(variable) without
the collection name. In this case, the Web server searches the collections in the following

  1. QueryString
  2. Form
  3. Cookies
  4. ClientCertificate
  5. ServerVariables

If a variable with the same name exists in more than one collection, the Request object
returns the first instance encountered. It is strongly recommended that, when referring
to members of the ServerVariables collection, the full name be used. For example, rather
than Request("AUTH_USER") use Request.ServerVariables("AUTH_USER").

The following is a script that will display the Request Form collection followed by the
ServerVariables collection. Save this script as "view_request.asp". To see
it work, code your form to have: ACTION="view_request.asp"

<% option explicit %>

' Written by Paul DeBrino of Infinity Research and Development, Inc. (
' Dumps all name-value pairs from POST action, then follows that with server variables.

' Sample of how to ensure visitor arriving on SSL secure channel:
' If (Request.ServerVariables("HTTPS") = "off") Then
'    Response.Redirect "https://" + Request.ServerVariables("SERVER_NAME") _
'      + Request.ServerVariables("PATH_INFO")
' End If

<!-- Show greeting using selected server variables -->
Hello visitor from IP <%= Request.ServerVariables("REMOTE_ADDR") %>
<BR>Your browser identified itself as <%= Request.ServerVariables("HTTP_USER_AGENT") %>.

<!-- Show all form variables -->
 <TD><B>Form Variable</B></TD>

Dim Item
For Each Item In Request.Form
 <TD><FONT SIZE="-1"><%= Item %></FONT></TD>
 <TD><FONT SIZE="-1"><%= Request.Form(Item) %>&nbsp;</FONT></TD>

<% Next %>


<!-- Show all server variables -->

 <TD><B>Server Variable</B></TD>
<% For Each Item In Request.ServerVariables %>

 <TD><FONT SIZE="-1"><%= Item %></FONT></TD>
 <TD><FONT SIZE="-1"><%= Request.ServerVariables(Item) %>&nbsp;</FONT></TD>

<% Next %>

More Information

More by Author

Must Read