Solved

Why are Server Side Includes considered outdated?

Posted on 2013-02-06
6
453 Views
Last Modified: 2013-02-08
Hello,

I'm re-designing a website that was built on server side includes to insert common pieces of page content.

For example, the navigation bar and some top-of-the-page content plus a footer are all included in every page on the site by SSI.

I keep reading that SSI is an outdated technology, don't use it.  This website is static - a simple information delivery site - no dynamic content.  So it's not going to make full use of PHP or Perl templating or anything like that.  I just need to insert the common elements.

In such a situation, is there  case to consider SSI too out of date to use and I should use something else?  Os scan I justify suffering the snickering of the cool kids and do what works?

Thanks
0
Comment
Question by:xfvgdrthbdtyvhgscv
  • 3
  • 2
6 Comments
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 38861383
What authoritative source deems them outdated technology.  I can not imagine a LAMP based site that would not be using some includes.  I think you are either misinterpreting something you read, or your sources a on another planet.

Cd&
0
 
LVL 12

Expert Comment

by:mwochnick
ID: 38861452
If you aren't using a dynamic technology such as PHP, as you indicate, it seems like a perfect answer to your problem.  There's some nice discussion on this page http://www.smileycat.com/miaow/archives/001429.php
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 38861795
That site sems to be discussing SSI (a Microsoft thing) which is not even available (or necessary) for the majority of sites that use a modern server and scripting language.

Perhaps there is some confusion. SSI is not a preferred technology, however using server side includes loaded by server side scripting is used on 80% plus of modern sites.  Sometimes the includes are relatively static or they may be called templates and often they are actually server side scripts.  

The so-called modern approach of using jquery carries a serious penalty in performance. just loading the base jquery library to the browser requires more time than 8 - 10 fetches of include files. Of course there are addition loads for the jquery plugins.  The client side scripts can be cached; and on the server side includes can also be cached and distributed using CDS systems.  The sever side files are generally ready to go on delivery to the browser, but client side scripted solutions have to take additional time to execute before the final rendering.

If that is not enough downside; consider what the jquery solution does to the integrity of the page.  The DOM is hacked by the scripting.  CSS in stylesheets has been blocked and the cascade broken by the application of inline styles.  It is impossible to do diagnostics with simple tools because the original source references may no longer be valid or match the document object.

Cd&
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 12

Assisted Solution

by:mwochnick
mwochnick earned 100 total points
ID: 38865155
SSI isn't a Microsoft thing - apache supports it as well.  It is older, many people prefer to use scripting languages like perl or php but you don't have to to accomplish your goals.  
SSI has a higher security risk than static html, but the same as CGI,

Here's a link to security concerns for apache, it has a section on SSI
http://httpd.apache.org/docs/current/misc/security_tips.html
Here's a reference to SSI in general
http://www.w3u.net/w3u/faqs/ssi/
Here's a Microsoft reference on securing SSI
http://www.iis.net/configreference/system.webserver/serversideinclude


Peronally, if i were rebuilding a website I'd use something like wordpress, drupal or joomla to build it, which are based on php.  They are all
free
have a large active support/development community
can be configured to perform well
have many free add-ons(themes and plugins)
have essentially the same security risk as SSI

In addition you get the flexibility provided by a scripting platform.
0
 
LVL 53

Accepted Solution

by:
COBOLdinosaur earned 400 total points
ID: 38865374
There seems to be a matter of semantics here.  The mini scripting language "Server Side Includes (SSI)" is an obsolete approach.  Dynamically included content is not, and does not have any security issues beyond those of the server side scripting language.  

I'd use something like wordpress, drupal or joomla to build it,

Those and virtually every other CMS are heavily dependent on included content processing using the db, templates, common include fragments, and scripted overlays.  They also have support for CDS to optimize response time by caching common include fragments.  

If the Question is "should the specific technology named SSI be considered dead"; not quite dead yet (unfortunately) but certainly obsolete.  However if the question about  the include technologies that have evolved into the rich CMS formats, and scripting that supports custom CMS then the answer is quite the opposite, and the use will expand and continue to evolve to managed multiple platform support.


Cd&
0
 
LVL 1

Author Comment

by:xfvgdrthbdtyvhgscv
ID: 38868617
Thanks, all, for your remarks.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This article covers the basics of the Sass, which is a CSS extension language. You will learn about variables, mixins, and nesting.
Browsers only know CSS so your awesome SASS code needs to be translated into normal CSS. Here I'll try to explain what you should aim for in order to take full advantage of SASS.
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now