Windows Dev Center

Collapse the table of content
Expand the table of content
Expand Minimize

getOption Method


Returns the value of one of the following options:

  •            SXH_OPTION_URL (Read-only.)

  •            SXH_OPTION_URL_CODEPAGE         

  •            SXH_OPTION_ESCAPE_PERCENT_IN_URL         


  •            SXH_OPTION_SELECT_CLIENT_SSL_CERT         

Fore more information about these options, see Remarks.

varValue = oServerXMLHTTPRequest.getOption(option);



The option whose value is to be returned.


var xmlServerHttp = new ActiveXObject("Msxml2.ServerXMLHTTP.3.0");
var optvalue = xmlServerHttp.getOption(2);



This example returns the current value of the SXH_OPTION_IGNORE_SERVER_SSL_CERT_ERROR_FLAGS (option 2), which by default is 13056. This value maps to the SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS flag, indicating that the current XMLHTTP server instance will return all certificate errors.




The option whose value is to be returned.

 value[out, retval]

The return value of the option.

Return Values


Value returned if successful.

The following table lists the options available for the getOption method.





By default, returns a variant of type string that contains the URL of the resource. Read-only.

The SXH_OPTION_URL option allows the client to learn the final URL last used. For example, after a call made using the send method has completed, you can use this option to check the URL and see if any redirection occurred. The URL, however, cannot be read until the open method is next called.



By default, CP_UTF8 is the code page used to convert the Unicode URL string (specified in the open method) to a single-byte representation.

The SXH_OPTION_URL_CODEPAGE option allows the client to override this default with a different code page value. The client should specify an unsigned integer value for the code page.



By default, escaping unsafe ANSI characters in the URL (for example, " " -> "%20") does not escape the % character itself.

The SXH_OPTION_ESCAPE_PERCENT_IN_URL option allows the client to change this behavior. The client should specify a Boolean True/False value for this option.



The SXH_OPTION_IGNORE_SERVER_SSL_CERT_ERROR_FLAGS option is a DWORD mask of various flags that can be set to change this default behavior. The default value is to ignore all problems. You must set this option before calling the send method. The flags are as follows:

               SXH_SERVER_CERT_IGNORE_UNKNOWN_CA = 256             

Unknown certificate authority

               SXH_SERVER_CERT_IGNORE_WRONG_USAGE = 512             

Malformed certificate such as a certificate with no subject name.

               SXH_SERVER_CERT_IGNORE_CERT_CN_INVALID = 4096             

Mismatch between the visited hostname and the certificate name being used on the server.

               SXH_SERVER_CERT_IGNORE_CERT_DATE_INVALID = 8192             

The date in the certificate is invalid or has expired.

               SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS = 13056             

All certificate errors.

To turn off a flag, you subtract it from the default value, which is the sum of all flags. For example, to catch an invalid date in a certificate, you turn off the SXH_SERVER_CERT_IGNORE_CERT_DATE_INVALID flag as follows:

shx.setOption(2) = (shx.getOption(2) _



By default, the value of this option is an empty string (""), which means pick the first certificate in the local store to send if the server requests a client certificate.

The SXH_OPTION_SELECT_CLIENT_SSL_CERT option is a string that lets you select which client certificate from the local store should be sent. You must set this option before calling the send method. The following example sets the client certificate option to request the client certificate named "MSXML": certName = shx.getOption(3) = "MSXML"

Implemented in: MSXML 3.0 and MSXML 6.0


© 2015 Microsoft