Server Side Includes (SSI) are directives you can place into an HTML document to execute other programs or to output data, such as file statistics or the contents of environment variables. SSI directives can save you the trouble of writing complete CGI programs to output documents containing a small amount of dynamic information. While Server Side Includes technically are not CGI, they can become an important tool for incorporating CGI-like information as well as output from CGI programs.
Keep in mind, however, that not all servers support these directives; in particular, the CERN server cannot handle SSI without some modification to the server's configuration, although the Apache, NCSA, Netscape, and WebSite servers can.
When a client requests a document from an SSI-enabled server, and the document is coded appropriately, the server parses the specified document looking for SSI directives. We've already considered the advantages to this system; there are also a couple of liabilities. First, parsing documents before sending them to the client represents additional server overhead. And second, enabling SSI creates a security risk. For example, an unwise user might embed directives to execute system commands that output confidential information. So, SSI can be very handy, but it must be used efficiently and cautiously.
The current chapter summarizes the Server Side Includes. There aren't many, but they perform some of the most basic CGI-like operations, and can spare you quite a bit of coding.
In order to tell the NCSA and Apache servers which files to parse, you must modify two server configuration files, srm.conf and access.conf, as follows:
AddType text/x-server-parsed-html .shtml
Alternatively, specifying the suffix .html would make the server parse all HTML documents; however, keep in mind that parsing every HTML file could present a noticeable server drain.
Options Includes ExecGCI
See Chapter 13, Server Side Includes, for more information on configuring the Apache and NCSA servers.