SSI (Server Side Includes) are directives that are placed in HTML pages, and evaluated on the server while the pages are being served. They let you add dynamically generated content to an existing HTML page, without having to serve the entire page via a CGI program, or other dynamic technology.
Within Tomcat SSI support can be added when using Tomcat as your HTTP server and you require SSI support. Typically this is done during development when you don't want to run a web server like Apache.
Tomcat SSI support implements the same SSI directives as Apache. See the Apache Introduction to SSI for information on using SSI directives.
SSI support is available as a servlet and as a filter. You should use one or the other to provide SSI support but not both.
Servlet based SSI support is implemented using the class
org.apache.catalina.ssi.SSIServlet. Traditionally, this servlet
is mapped to the URL pattern "*.shtml".
Filter based SSI support is implemented using the class
org.apache.catalina.ssi.SSIFilter. Traditionally, this filter
is mapped to the URL pattern "*.shtml", though it can be mapped to "*" as
it will selectively enable/disable SSI processing based on mime types. The
contentType init param allows you to apply SSI processing to JSP pages,
By default SSI support is disabled in Tomcat.
CAUTION - SSI directives can be used to execute programs
external to the Tomcat JVM. If you are using the Java SecurityManager this
will bypass your security policy configuration in
To use the SSI servlet, remove the XML comments from around the SSI servlet
and servlet-mapping configuration in
To use the SSI filter, remove the XML comments from around the SSI filter
and filter-mapping configuration in
Only Contexts which are marked as privileged may use SSI features (see the privileged property of the Context element).
There are several servlet init parameters which can be used to configure the behaviour of the SSI servlet.
There are several filter init parameters which can be used to configure the behaviour of the SSI filter.
Server Side Includes are invoked by embedding SSI directives in an HTML document whose type will be processed by the SSI servlet. The directives take the form of an HTML comment. The directive is replaced by the results of interpreting it before sending the page to the client. The general form of a directive is:
<!--#directive [parm=value] -->
The directives are:
<!--#config timefmt="%B %Y" -->Used to set the format of dates and other items processed by SSI
<!--#echo var="VARIABLE_NAME" -->will be replaced by the value of the variable.
<!--#include virtual="file-name" -->inserts the contents
<!--#flastmod file="filename.shtml" -->Returns the time that a file was lost modified.
<!--#fsize file="filename.shtml" -->Returns the size of a file.
<!--#printenv -->Returns the list of all the defined variables.
<!--#set var="foo" value="Bar" -->is used to assign a value to a user-defined variable.
<!--#config timefmt="%A" --> <!--#if expr="$DATE_LOCAL = /Monday/" --> <p>Meeting at 10:00 on Mondays</p> <!--#elif expr="$DATE_LOCAL = /Friday/" --> <p>Turn in your time card</p> <!--#else --> <p>Yoga class at noon.</p> <!--#endif -->
See the Apache Introduction to SSI for more information on using SSI directives.
The SSI servlet currently implements the following variables: