On an origin HTTP-DeleGate, a local file with suffix ".shtml" is regarded,
like a file with ".html",
as a HTML file except that it includes special tags for
Server Side Include (SSI) and META which are to be
interpreted and substituted by the HTTP-DeleGate
before it is sent to a client.
will be substituted with the data specified by "virtual" attribute.
"virtual" can be full URL like "proto://server/upath"
or partial URL like "/upath" which will be interpreted
Relative URLs like "upath" without leading "/"
are interpreted as relative to the base (current) shtml file.
Note that including a resource by SSI is under the access control of
DeleGate (as origin or proxy server) common to the access control
against client users. That is, if a client user is forbidden to
access the included resource, it is also forbidden even via SSI-include.
Especially allowing including a resource out of the DeleGate server,
with URL like virtual=http://exserver/dir/fileX
can make a security hole made by a user as a SHTML writer.
In an origin server, relaying as a proxy must be forbidden by
RELAY=no, but it also forbids SSI-include to do
from other servers.
A simple workaround in version 9 is adding a limited RELAY as
RELAY="proxy:http:exserver:*" that only allows
relaying to exserver.
Another safer workaround is using MOUNT like
MOUNT="/ex/* http://exserver/dir/*" then write SSI-include like
But both of these allows client users to access to resources
other than the intended virtual URL in the exserver.