Server Object (IIS)

"Server" Object (IIS)

You can use the Server object to access methods and properties on the server. Most of these methods and properties serve as utility functions.

Server object methods

1. CreateObject
2. Execute 
3. GetLastError 
4. HTMLEncode 
5. MapPath 
6. Transfer 
7. URLEncode 

Server.CreateObject creates an instance of a server component.

The CreateObject method creates an instance of a server component. If the component has implemented the OnStartPage and OnEndPage methods, the OnStartPage method is called at this time.

<% Set MyAd = Server.CreateObject("MSWC.AdRotator") %>

Server.Execute executes an .asp file.

Server.GetLastError returns an ASPError object that describes the error condition.

Server.HTMLEncode applies HTML encoding to the specified string.

The HTMLEncode method applies HTML encoding to a specified string. This is useful as a quick method of encoding form data and other client request data before using it in your Web application. Encoding data converts potentially unsafe characters to their HTML-encoded equivalent. If the string to be encoded is not DBCS, HTMLEncode converts characters as follows:

• The less-than character (<) is converted to &lt;.
• The greater-than character (>) is converted to &gt;.
• The ampersand character (&) is converted to &amp;.
• The double-quote character (") is converted to &quot;.
• Any ASCII code character whose code is greater-than or equal to 0x80 is converted to &#<number>, where <number> is the ASCII character value.

If the string to be encoded is DBCS, HTMLEncode converts characters as follows:

All extended characters are converted.

Any ASCII code character whose code is greater-than or equal to 0x80 is converted to &#<number>, where <number> is the ASCII character value.

Half-width Katakana characters in the Japanese code page are not converted.

Server.MapPath maps the specified virtual path, either the absolute path on the current server or the path relative to the current page, into a physical path. https://docs.microsoft.com/en-us/dotnet/api/system.web.httpserverutility.mappath?view=netframework-4.

Server.Transfer sends all of the current state information to another .asp file for processing

Server.URLEncode applies URL encoding rules, including escape characters, to the string.

https://docs.microsoft.com/en-us/previous-versions/iis/6.0-sdk/ms525541(v=vs.90)

https://docs.microsoft.com/en-us/iis/get-started/getting-started-with-iis/getting-started-with-the-iis-manager-in-iis-7-and-iis-8

https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10-version-1709/new-features-introduced-in-iis-10-1709

ASP.NET MVC System.Web Namespace in Nutshell

System.Web Namespace contains classes and interfaces that enable browser-server communication. System.Web also includes classes for cookie manipulation, file transfer, exception information, and output cache control. Some important classes of this namespace are as follows.

• HttpRequest
• HttpResponse 
• HttpServerUtility 
• HttpContextBase 
• HttpContextWrapper 
• HttpRequestBase 
• HttpRequestWrapper 
• HttpRuntime 

SOME FACTS

• HttpRequest class provides extensive information about the current HTTP request. 
• HttpResponse class manages HTTP output to the client.
• HttpServerUtility class provides access to server-side utilities and processes. 
• HttpContextBase class serves as the base class for classes that contain HTTP-specific information about an individual HTTP request. The HttpContextBase class is an abstract class that contains the same members as the HttpContext class. The HttpContextBase class enables you to create derived classes that are like the HttpContext class, but that you can customize and that work outside the ASP.NET pipeline. When you perform unit testing, you typically use a derived class to implement members with customized behavior that fulfills the scenario you are testing.
• HttpContextWrapper class derives from the HttpContextBase class. HttpContextWrapper class serves as a wrapper for the HttpContext class. At run time, you typically use an instance of the HttpContextWrapper class to call members on the HttpContext object.

HttpRequest class enables ASP.NET to read the HTTP values sent by a client during a Web request.

PROPERTIES
AcceptTypes	Gets a string array of client-supported MIME accept types.
AnonymousID	Gets the anonymous identifier for the user, if present.
ApplicationPath	Gets the ASP.NET application's virtual application root path on the server.
AppRelativeCurrentExecutionFilePath	Gets the virtual path of the application root and makes it relative by using the tilde (~) notation for the application root (as in "~/page.aspx").
Browser	Gets or sets information about the requesting client's browser capabilities.
ClientCertificate	Gets the current request's client security certificate.
ContentEncoding	Gets or sets the character set of the entity-body.
ContentLength	Specifies the length, in bytes, of content sent by the client.
ContentType	Gets or sets the MIME content type of the incoming request.
Cookies	Gets a collection of cookies sent by the client.
CurrentExecutionFilePath	Gets the virtual path of the current request.
CurrentExecutionFilePathExtension	Gets the extension of the file name that is specified in the CurrentExecutionFilePath property.
FilePath	Gets the virtual path of the current request.
Files	Gets the collection of files uploaded by the client, in multipart MIME format.
Filter	Gets or sets the filter to use when reading the current input stream.
Form	Gets a collection of form variables.
Headers	Gets a collection of HTTP headers.
HttpChannelBinding	Gets the ChannelBinding object of the current HttpWorkerRequest instance.
HttpMethod	Gets the HTTP data transfer method (such as GET, POST, or HEAD) used by the client.
InputStream	Gets the contents of the incoming HTTP entity body.
IsAuthenticated	Gets a value indicating whether the request has been authenticated.
IsLocal	Gets a value indicating whether the request is from the local computer.
IsSecureConnection	Gets a value indicating whether the HTTP connection uses secure sockets (that is, HTTPS).
Item[String]	Gets the specified object from the QueryString, Form, Cookies, or ServerVariables collections.
LogonUserIdentity	Gets the WindowsIdentity type for the current user.
Params	Gets a combined collection of QueryString, Form, Cookies, and ServerVariables items.
Path	Gets the virtual path of the current request.
PathInfo	Gets the additional path information for a resource with a URL extension.
PhysicalApplicationPath	Gets the physical file system path of the currently executing server application's root directory.
PhysicalPath	Gets the physical file system path corresponding to the requested URL.
QueryString	Gets the collection of HTTP query string variables.
RawUrl	Gets the raw URL of the current request.
ReadEntityBodyMode	Gets a value that indicates whether the request entity body has been read, and if so, how it was read.
RequestContext	Gets the RequestContext instance of the current request.
RequestType	Gets or sets the HTTP data transfer method (GET or POST) used by the client.
ServerVariables	Gets a collection of Web server variables.
TimedOutToken	Gets a CancellationToken object that is tripped when a request times out.
TlsTokenBindingInfo	Gets the TLS token binding information. The property enables applications to retrieve token information from incoming HTTP requests for enhanced authentication.
TotalBytes	Gets the number of bytes in the current input stream.
Unvalidated	Gets the HTTP request values without triggering request validation.
Url	Gets information about the URL of the current request.
UrlReferrer	Gets information about the URL of the client's previous request that linked to the current URL.
UserAgent	Gets the raw user agent string of the client browser that has been provided. Please note it may be null.
UserHostAddress	Gets the IP host address of the remote client.
UserHostName	Gets the DNS name of the remote client.
UserLanguages	Gets a sorted string array of client language preferences.

Methods of Request class

METHODS
Abort()	Forcibly terminates the underlying TCP connection, causing any outstanding I/O to fail. You might use this method in response to an attack by a malicious HTTP client.
BinaryRead(Int32)	Performs a binary read of a specified number of bytes from the current input stream.
Equals(Object)	Determines whether the specified object is equal to the current object. (Inherited from Object)
GetBufferedInputStream()	Gets a Stream object that can be used to read the incoming HTTP entity body.
GetBufferlessInputStream()	Gets a Stream object that can be used to read the incoming HTTP entity body.
GetBufferlessInputStream(Boolean)	Gets a Stream object that can be used to read the incoming HTTP entity body, optionally disabling the request-length limit that is set in the MaxRequestLength property.
GetHashCode()	Serves as the default hash function. (Inherited from Object)
GetType()	Gets the Type of the current instance. (Inherited from Object)
InsertEntityBody()	Provides IIS with a copy of the HTTP request entity body.
InsertEntityBody(Byte[], Int32, Int32)	Provides IIS with a copy of the HTTP request entity body and with information about the request entity object.
MapImageCoordinates(String)	Maps an incoming image-field form parameter to appropriate x-coordinate and y-coordinate values.
MapPath(String)	Maps the specified virtual path to a physical path.
MapPath(String, String, Boolean)	Maps the specified virtual path to a physical path.
MapRawImageCoordinates(String)	Maps an incoming image field form parameter into appropriate x and y coordinate values.
MemberwiseClone()	Creates a shallow copy of the current Object. (Inherited from Object)
SaveAs(String, Boolean)	Saves an HTTP request to disk.
ToString()	Returns a string that represents the current object. (Inherited from Object)
ValidateInput()	Causes validation to occur for the collections accessed through the Cookies, Form, and QueryString properties.

The HttpRequestBase class is an abstract class that contains the same members as the HttpRequest class. The HttpRequestBase class enables you to create derived classes that are like the HttpRequest class, but that you can customize and that work outside the ASP.NET pipeline. When you perform unit testing, you typically use a derived class to implement members that have customized behavior that fulfills the scenario that you are testing.

The HttpRequestWrapper class derives from the HttpRequestBase class. The HttpRequestWrapper class serves as a wrapper for the HttpRequest class. At run time, you typically use an instance of the HttpRequestWrapper class to invoke members of the HttpRequest object. It encapsulates the HTTP intrinsic object that enables ASP.NET to read the HTTP values that are sent by a client during a Web request. This class exposes the functionality of the HttpRequest class and exposes the HttpRequestBase type. The HttpRequestBase class enables you to replace the original implementation of the HttpRequest class in your application with a custom implementation, such as when you perform unit testing outside the ASP.NET pipeline.

Response class

The methods and properties of the HttpResponse class are exposed through the Response property of the HttpApplication, HttpContext, Page, and UserControl classes.

The following methods of the HttpResponse class are supported only in post back scenarios and not in asynchronous post back scenarios:

• BinaryWrite

• Clear

• ClearContent

• ClearHeaders

• Close

• End

• Flush

• TransmitFile

• Write

• WriteFile

• WriteSubstitution

CONSTRUCTORS
HttpResponse(TextWriter)	Initializes a new instance of the HttpResponse class.

PROPERTIES
Buffer	Gets or sets a value indicating whether to buffer output and send it after the complete response is finished processing.
BufferOutput	Gets or sets a value indicating whether to buffer output and send it after the complete page is finished processing.
Cache	Gets the caching policy (such as expiration time, privacy settings, and vary clauses) of a Web page.
CacheControl	Gets or sets the Cache-Control HTTP header that matches one of the HttpCacheability enumeration values.
Charset	Gets or sets the HTTP character set of the output stream.
ClientDisconnectedToken	Gets a CancellationToken object that is tripped when the client disconnects.
ContentEncoding	Gets or sets the HTTP character set of the output stream.
ContentType	Gets or sets the HTTP MIME type of the output stream.
Cookies	Gets the response cookie collection.
Expires	Gets or sets the number of minutes before a page cached on a browser expires. If the user returns to the same page before it expires, the cached version is displayed. Expires is provided for compatibility with earlier versions of ASP.
ExpiresAbsolute	Gets or sets the absolute date and time at which to remove cached information from the cache. ExpiresAbsolute is provided for compatibility with earlier versions of ASP.
Filter	Gets or sets a wrapping filter object that is used to modify the HTTP entity body before transmission.
HeaderEncoding	Gets or sets an Encoding object that represents the encoding for the current header output stream.
Headers	Gets the collection of response headers.
HeadersWritten	Gets a value indicating whether the response headers have been written.
IsClientConnected	Gets a value indicating whether the client is still connected to the server.
IsRequestBeingRedirected	Gets a Boolean value indicating whether the client is being transferred to a new location.
Output	Enables output of text to the outgoing HTTP response stream.
OutputStream	Enables binary output to the outgoing HTTP content body.
RedirectLocation	Gets or sets the value of the HTTP Location header.
Status	Sets the Status line that is returned to the client.
StatusCode	Gets or sets the HTTP status code of the output returned to the client.
StatusDescription	Gets or sets the HTTP status string of the output returned to the client.
SubStatusCode	Gets or sets a value qualifying the status code of the response.
SupportsAsyncFlush	Gets a value that indicates whether the connection supports asynchronous flush operations.
SuppressContent	Gets or sets a value indicating whether to send HTTP content to the client.
SuppressDefaultCacheControlHeader	Gets or sets a value indicating whether to suppress the default Cache Control: private header for the current HTTP response.
SuppressFormsAuthenticationRedirect	Gets or sets a value that specifies whether forms authentication redirection to the login page should be suppressed.
TrySkipIisCustomErrors	Gets or sets a value that specifies whether IIS 7.0 custom errors are disabled.

The HttpResponseBase class is an abstract class that contains the same members as the HttpResponse class. The HttpResponseBase class enables you to create derived classes that are like the HttpResponse class, but that you can customize and that work outside the ASP.NET pipeline. When you perform unit testing, you typically use a derived class to implement members that have customized behavior that fulfills the scenario you are testing.

The HttpResponseWrapper class derives from the HttpResponseBase class. The HttpResponseWrapper class serves as a wrapper for the HttpResponse class. At run time, you typically use an instance of the HttpResponseWrapper class to call members of the HttpResponse object.

HttpRuntime Class provides a set of ASP.NET run-time services for the current application.

The HttpRuntime object is used at the beginning of the ASP.NET pipeline model that processes HTTP requests. The ProcessRequest method drives all subsequent ASP.NET Web processing.

Page developers can use the HttpRuntime class properties to find out information about the current application domain for diagnostic purposes, for example. Developers creating custom process pipeline or a custom hosting environment should call the ProcessRequest method from a class derived from the HttpWorkerRequest or SimpleWorkerRequest class.

The SiteMap class is an in-memory representation of the navigation structure for a site, which is provided by one or more site map providers. This class cannot be inherited.

A SiteMap object is a component of the ASP.NET site navigation infrastructure that provides access to read-only site map information for page and control developers using navigation and SiteMapDataSource controls.

The HttpFileCollection collection is returned from the Files property of the HttpRequest object. 

HttpFileCollectionBase class serves as the base class for classes that provide access to files that were uploaded by a client.

The HttpFileCollectionBase class is an abstract class that contains the same members as the HttpFileCollection class. The HttpFileCollectionBase class lets you create derived classes that are like the HttpFileCollection class, but that you can customize and that work outside the ASP.NET pipeline. When you perform unit testing, you typically use a derived class to implement members with customized behavior that fulfills the scenario that you are testing.

The HttpFileCollectionWrapper class derives from the HttpFileCollectionBase class. The HttpFileCollectionWrapper class serves as a wrapper for the HttpFileCollection class. At run time, you typically use an instance of the HttpFileCollectionWrapper class to call members of the HttpFileCollection object.

HttpPostedFile Class provides access to individual files that have been uploaded by a client.

The HttpFileCollection class provides access to all the files that are uploaded from a client as a file collection. The HttpPostedFile class provides properties and methods to get information about an individual file and to read and save the file.

The HtmlInputFile control can be used to select and upload files from a client.

Files are uploaded in MIME multipart/form-data format. 

By default, all requests, including form fields and uploaded files, larger than 256 KB are buffered to disk, rather than held in server memory.

You can specify the maximum allowable request size by accessing the MaxRequestLength property or by setting the maxRequestLength attribute of the HttpRuntime Element (ASP.NET Settings Schema) element within the Machine.config or Web.config file. The default is 4 MB.

The amount of data that is buffered in server memory for a request, which includes file uploads, can be specified by accessing the RequestLengthDiskThreshold property or by setting the requestLengthDiskThreshold attribute of the HttpRuntime Element (ASP.NET Settings Schema) element within the Machine.config or Web.config file.

By adjusting the MaxRequestLength and RequestLengthDiskThreshold properties, you can fine tune the performance of your server. Additionally, you should consider setting the MaxRequestLength to prevent denial of service attacks caused by users posting large files to the server.

Server resources that are allocated to buffer the uploaded file will be destroyed when the request ends. To save a durable copy of the file, use the SaveAs method.

HttpPostedFile 

PROPERTIES
ContentLength	Gets the size of an uploaded file, in bytes.
ContentType	Gets the MIME content type of a file sent by a client.
FileName	Gets the fully qualified name of the file on the client.
InputStream	Gets a Stream object that points to an uploaded file to prepare for reading the contents of the file.

HttpPostedFile 

METHODS
Equals(Object)	Determines whether the specified object is equal to the current object. (Inherited from Object)
GetHashCode()	Serves as the default hash function. (Inherited from Object)
GetType()	Gets the Type of the current instance. (Inherited from Object)
MemberwiseClone()	Creates a shallow copy of the current Object. (Inherited from Object)
SaveAs(String)	Saves the contents of an uploaded file.
ToString()	Returns a string that represents the current object. (Inherited from Object)

The HttpPostedFileBase class is an abstract class that contains the same members as the HttpPostedFile class. The HttpPostedFileBase class lets you create derived classes that are like the HttpPostedFile class, but that you can customize and that work outside the ASP.NET pipeline. When you perform unit testing, you typically use a derived class to implement members that have customized behavior that fulfills the scenario you are testing.

The HttpPostedFileWrapper class derives from the HttpPostedFileBase class. The HttpPostedFileWrapper class serves as a wrapper for the HttpPostedFile class. At run time, you typically use an instance of the HttpPostedFileWrapper class to call members of the HttpPostedFile object.

Content source complied from Microsoft site