Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Why are Server Side Includes considered outdated?

Posted on 2013-02-06
6
Medium Priority
?
559 Views
Last Modified: 2013-02-08
Hello,

I'm re-designing a website that was built on server side includes to insert common pieces of page content.

For example, the navigation bar and some top-of-the-page content plus a footer are all included in every page on the site by SSI.

I keep reading that SSI is an outdated technology, don't use it.  This website is static - a simple information delivery site - no dynamic content.  So it's not going to make full use of PHP or Perl templating or anything like that.  I just need to insert the common elements.

In such a situation, is there  case to consider SSI too out of date to use and I should use something else?  Os scan I justify suffering the snickering of the cool kids and do what works?

Thanks
0
Comment
Question by:xfvgdrthbdtyvhgscv
  • 3
  • 2
6 Comments
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 38861383
What authoritative source deems them outdated technology.  I can not imagine a LAMP based site that would not be using some includes.  I think you are either misinterpreting something you read, or your sources a on another planet.

Cd&
0
 
LVL 12

Expert Comment

by:mwochnick
ID: 38861452
If you aren't using a dynamic technology such as PHP, as you indicate, it seems like a perfect answer to your problem.  There's some nice discussion on this page http://www.smileycat.com/miaow/archives/001429.php
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 38861795
That site sems to be discussing SSI (a Microsoft thing) which is not even available (or necessary) for the majority of sites that use a modern server and scripting language.

Perhaps there is some confusion. SSI is not a preferred technology, however using server side includes loaded by server side scripting is used on 80% plus of modern sites.  Sometimes the includes are relatively static or they may be called templates and often they are actually server side scripts.  

The so-called modern approach of using jquery carries a serious penalty in performance. just loading the base jquery library to the browser requires more time than 8 - 10 fetches of include files. Of course there are addition loads for the jquery plugins.  The client side scripts can be cached; and on the server side includes can also be cached and distributed using CDS systems.  The sever side files are generally ready to go on delivery to the browser, but client side scripted solutions have to take additional time to execute before the final rendering.

If that is not enough downside; consider what the jquery solution does to the integrity of the page.  The DOM is hacked by the scripting.  CSS in stylesheets has been blocked and the cascade broken by the application of inline styles.  It is impossible to do diagnostics with simple tools because the original source references may no longer be valid or match the document object.

Cd&
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 12

Assisted Solution

by:mwochnick
mwochnick earned 400 total points
ID: 38865155
SSI isn't a Microsoft thing - apache supports it as well.  It is older, many people prefer to use scripting languages like perl or php but you don't have to to accomplish your goals.  
SSI has a higher security risk than static html, but the same as CGI,

Here's a link to security concerns for apache, it has a section on SSI
http://httpd.apache.org/docs/current/misc/security_tips.html
Here's a reference to SSI in general
http://www.w3u.net/w3u/faqs/ssi/
Here's a Microsoft reference on securing SSI
http://www.iis.net/configreference/system.webserver/serversideinclude


Peronally, if i were rebuilding a website I'd use something like wordpress, drupal or joomla to build it, which are based on php.  They are all
free
have a large active support/development community
can be configured to perform well
have many free add-ons(themes and plugins)
have essentially the same security risk as SSI

In addition you get the flexibility provided by a scripting platform.
0
 
LVL 53

Accepted Solution

by:
COBOLdinosaur earned 1600 total points
ID: 38865374
There seems to be a matter of semantics here.  The mini scripting language "Server Side Includes (SSI)" is an obsolete approach.  Dynamically included content is not, and does not have any security issues beyond those of the server side scripting language.  

I'd use something like wordpress, drupal or joomla to build it,

Those and virtually every other CMS are heavily dependent on included content processing using the db, templates, common include fragments, and scripted overlays.  They also have support for CDS to optimize response time by caching common include fragments.  

If the Question is "should the specific technology named SSI be considered dead"; not quite dead yet (unfortunately) but certainly obsolete.  However if the question about  the include technologies that have evolved into the rich CMS formats, and scripting that supports custom CMS then the answer is quite the opposite, and the use will expand and continue to evolve to managed multiple platform support.


Cd&
0
 
LVL 1

Author Comment

by:xfvgdrthbdtyvhgscv
ID: 38868617
Thanks, all, for your remarks.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Suggested Courses

963 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question