以下是MSDN (1999年4月版)提供的 IE5 所支持的所有server端变量
部分变量在以前的版本中不支持,而且在以后的版本中可能会有变化(这是Microsoft的原话)

Variable Description
ALL_HTTP All HTTP headers sent by the client.
ALL_RAW Retrieves all headers in the raw-form. The difference between ALL_RAW and ALL_HTTP is that ALL_HTTP places an HTTP_ prefix before the header name and the header-name is always capitalized. In ALL_RAW the header name and values appear as they are sent by the client.  
APPL_MD_PATH Retrieves the metabase path for the (WAM) Application for the ISAPI DLL.
APPL_PHYSICAL_PATH Retrieves the physical path corresponding to the metabase path. IIS converts the APPL_MD_PATH to the physical (directory) path to return this value.
AUTH_PASSWORD The value entered in the client's authentication dialog. This variable is only available if Basic authentication is used.  
AUTH_TYPE The authentication method that the server uses to validate users when they attempt to access a protected script.
AUTH_USER Raw authenticated user name.  
CERT_COOKIE Unique ID for client certificate, Returned as a string. Can be used as a signature for the whole client certificate.
CERT_FLAGS bit0 is set to 1 if the client certificate is present.
bit1 is set to 1 if the Certificate Authority of the client certificate is invalid (not in the list of recognized CA on the server).

CERT_ISSUER Issuer field of the client certificate (O=MS, OU=IAS, CN=user name, C=USA).
CERT_KEYSIZE Number of bits in Secure Sockets Layer connection key size. For example, 128.
CERT_SECRETKEYSIZE Number of bits in server certificate private key. For example, e.g. 1024.
CERT_SERIALNUMBER Serial number field of the client certificate.
CERT_SERVER_ISSUER Issuer field of the server certificate.
CERT_SERVER_SUBJECT Subject field of the server certificate.
CERT_SUBJECT Subject field of the client certificate.
CONTENT_LENGTH The length of the content as given by the client.  
CONTENT_TYPE The data type of the content. Used with queries that have attached information, such as the HTTP queries GET, POST, and PUT.
GATEWAY_INTERFACE The revision of the CGI specification used by the server. The format is CGI/revision.  
HTTP_<HeaderName> The value stored in the header HeaderName. Any header other than those listed in this table must be prefixed by HTTP_ in order for the ServerVariables collection to retrieve its value.
Note   The server interprets any underscore (_) characters in HeaderName as dashes in the actual header. For example if you specify HTTP_MY_HEADER, the server searches for a header sent as MY-HEADER.

HTTP_ACCEPT Returns the value of the Accept header.
HTTP_ACCEPT_LANGUAGE Returns a string describing the language to use for displaying content.
HTTP_USER_AGENT Returns a string describing the browser that sent the request.
HTTP_COOKIE Returns the cookie string that was included with the request.
HTTP_REFERER Returns a string containing the URL of the original request when a redirect has occurred.  
HTTPS Returns ON if the request came in through secure channel (SSL) or it returns OFF if the request is for a non-secure channel.
HTTPS_KEYSIZE Number of bits in Secure Sockets Layer connection key size. For example, 128.
HTTPS_SECRETKEYSIZE Number of bits in server certificate private key. For example, 1024.
HTTPS_SERVER_ISSUER Issuer field of the server certificate.
HTTPS_SERVER_SUBJECT Subject field of the server certificate.
INSTANCE_ID The ID for the IIS instance in textual format. If the instance ID is 1, it appears as a string. You can use this variable to retrieve the ID of the Web-server instance (in the metabase) to which the request belongs.
INSTANCE_META_PATH The metabase path for the instance of IIS that responds to the request.
LOCAL_ADDR Re