Basic Usage

The ASP Request object retrieves all sorts of information from the client (ie browser user) whenever a client makes an HTTP request. The different types of information are variables grouped into collections:

  • ClientCertificate has variables from the client's security certificate.
  • Cookies has variables from cookies stored on the client's machine.
  • Form has variables from a form on the page which originated the request.
  • QueryString has variables from the URL generated by the page which originated the request.
  • ServerVariables has variables regarding predetermined environment variables.

It is possible to retrieve any variable by using Request(variable) syntax but sometimes it is faster and more explicit to use Request.Collection(variable) syntax.

The Request collections can be looped through like most other collections. Here the "key" corresponds to a variable name, and the "item" corresponds to the variable value:

'In VBScript
For i = 1 to Request.Form.Count
    Response.Write i & ":" & Request.Form(i) & "<br>"
    Response.Write Request.Form.key(i) & ":" & Request.Form.item(i) & "<br>"

//In JScript
for (i = 1; i <= Request.Form.count(); i++) { //Note the "array" is 1-based
    Response.Write(i + ":" + Request.Form(i) + "<br />");
    Response.Write(Request.Form.key(i) + ":" + Request.Form.item(i) + "<br>");

ASP collections are similar to JScript arrays but not the same. .count is similar to the someArray.length. An oddity is that in JScript either .count() or .count will work.

Request.Form.count()    //The count of Form variables/keys
Request.Form(i).count() //The count of values for that From variable/key
//Note that the latter is one for text fields but may be more for cheboxes and the like.

Characters that don't transfer well in URLs are encoded with this syntax: %XX (if non-alphanumeric ASCII) or %uXXXX (if non-ASCII). Here is a table of relevant special characters in the URL:

Special character Special meaning Hexadecimal encoding
+ Indicates a space (spaces cannot be used in a URL). %20
# Indicates bookmarks. %23
% Specifies special characters. %25
& Separator between parameters specified in the URL. %26
/ Separates directories and subdirectories. %2F
? Separates the actual URL and the parameters. %3F

EG General

This example demonstrates the ServerVariables, Form, and QueryString collections.

If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
    strName = Request.Form("txtName")
Else 'The form submit method was GET
    strName = Request.QueryString("Sequence")
End If

EG QueryString

This example shows what a QueryString in the URL of a client's address bar might look like. The space ( ) is parsed as %20, i.e. 32 decimal in ASCII.!&var2=checked

EG BinaryRead

It is possible to get raw data (unsigned bytes) from a page with Reqeust.BinaryRead:

vntPostedData = Request.BinaryRead(Request.TotalBytes)



X.509 standard security variables from the client's certificate when requests are made with https:// (instead of http://) in the URL and the web server has been configured for the SSL3.0/PCT1 protocol. The following variables can be retrieved:

  • Certificate. The whole certificate.
  • Flags. Additional certificate info.
  • Issuer[SubField]. Info about who issued the certificate.
  • SerialNumber. An ASCII representation of the certificate serial number in hexadecimal.
  • Subject[SubField]. Info about who the certificate is for.
  • ValidFrom.
  • ValidUntil.


Variables from cookies on the client's machine can be retrieved.

'Returns all Key=Value pairs in query string format.
Request.Cookies(cookie)(key) 'Returns value for specified key in a cookie.
'Returns true if the cookie has keys. 'Read-only.

To set cookies, see also Response.


Data from the client sent via an HTML form. Used with HTML form method="post".

Request.Form'Returns data from all form elements in query string format.
'Returns value from specfied element in form.
For i = 1 To Request.Form("checkboxElement").Count
Response.Write Request.Form("checkboxElement")(i) & "<br />" 'A checkbox may have 0-N values 'These are 1-based not 0-based, even in JS
Dim Item
For Each Item in Request.Form
    Response.Write("<p>" & Item & ": " & Request.Form(Item).Item & ".</p>" & Chr(10))
    'Shows collected field names and field values.

Click here for an fuller example of Handling Forms.


Info from the user that is attached to the URL. Used with HTML form method="get". The data is attached to the URL with a ?, followed by key and value pairs concatenated with &. The full URL (including everything before the query string) has a max of 2083 bytes.

'Returns the whole query string.
'Returns value from specified key.
For Each item In Request.QueryString("key")
    Response.Write Request.QueryString("key")(item) & "<br />"
 'A key may occur multiple time in a query string.

It is common to check for the existence of a querystring variable. This is very finicky because of the different way of "nothing" (null, undefined, and empty string just for starters).

'In VBScript
Dim strMessage
If IsNull(Request.QueryString("msg")) or IsEmpty(Request.QueryString("msg")) Then
    strMessage = ""
    strMessage = Request.QueryString("msg")
End If
If Len(strMessage) > 0 Then
    Response.Write strMessage
End If
//In Javascript
var Message=String(Request.QueryString("msg"));
if ((Message.length > 0) && (Message != "undefined")) Response.Write(Message);


Variables regarding predetermined environment variables.

'Returns specified server environment variable.

Click here for a fuller example of Server Variables.

Here are some of the nicer environment variables that can be retrieved:

  • APPL_PHYSICAL_PATH. For the current Web app, returns the virtual-to-physical mapping. EG: C:\InetPub\wwwroot\ or \\Server\inetpub\wwwroot\.
  • CONTENT_LENGTH. Length of content sent by client.
  • CONTENT_TYPE. Data type of content sent by client.
  • HTTPS. Returns on if request came through SSL encryption, return off otherwise.
  • HTTP_CustomHeader. Any custom header variable.
  • HTTP_COOKIE. Identifies the cookie string.
  • HTTP_REFERER. The URL that called the current page. EG: The current page may have been called from something like
  • HTTP_USER_AGENT. The browser of the viewer. EG: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7b) Gecko/20040316.
  • LOCAL_ADDR. Returns IP of the Web server.
  • LOGON_USER. Returns the Windows NT account used by the user.
  • PATH_INFO, SCRIPT_NAME, URL. For the current file, returns the virtual path. Useful to reference self. EG: /subdir/index.asp.
  • PATH_TRANSLATED. For the current file, returns the virtual-to-physical mapping, EG: C:\InetPub\wwwroot\subdir\index.asp or \\Server\inetpub\wwwroot\subdir\index.asp.
  • QUERY_STRING. Returns the whole query string. EG: name=Fred.
  • REMOTE_ADDR, REMOTE_HOST. Returns the IP of the user.
  • REQUEST_METHOD. Returns the method used to make the request. The default for HTTP is GET (info added to the main URL with a ?), but can be things like POST (info accessed via controls in a form on the current page) or HEAD.
  • SERVER_NAME, HTTP_HOST. The site name. EG: or localhost. Often used to distinguish a production server from a development server.
  • SERVER_PORT. Usually 80 for https or 443 for https.
  • SERVER_SOFTWARE. Name and version of the server software. EG: Microsoft-IIS/5.0.



Read only. The number of bytes sent by the client in the request.



Gets an array of unsigned bytes from the client as part of a POST request. The length of the array (count) must be less than or equal to the Request.TotalBytes. Request.BinaryRead() and Request.Form are exclusive, that is you can use one but not the other in any given ASP page.

GeorgeHernandez.comSome rights reserved