Professional Documents
Culture Documents
Contents
1History
2Purpose of the CGI standard
3Using CGI scripts
4Example
5Deployment
6Uses
7Alternatives
8See also
9References
10External links
History[edit]
Example[edit]
The following Perl program shows all the environment variables passed by the Web server:
#!/usr/bin/perl
=head1 DESCRIPTION
=cut
print "Content-type: text/plain\n\n";
If a Web browser issues a request for the environment variables at http://example.com/cgi-
bin/printenv.pl/foo/bar?var1=value1&var2=with%20percent%20encoding , a 64-
bit Microsoft Windows web server running cygwin returns the following information:
COMSPEC="C:\Windows\system32\cmd.exe"
DOCUMENT_ROOT="C:/Program Files (x86)/Apache Software
Foundation/Apache2.2/htdocs"
GATEWAY_INTERFACE="CGI/1.1"
HOME="/home/SYSTEM"
HTTP_ACCEPT="text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8"
HTTP_ACCEPT_CHARSET="ISO-8859-1,utf-8;q=0.7,*;q=0.7"
HTTP_ACCEPT_ENCODING="gzip, deflate"
HTTP_ACCEPT_LANGUAGE="en-us,en;q=0.5"
HTTP_CONNECTION="keep-alive"
HTTP_HOST="example.com"
HTTP_USER_AGENT="Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101
Firefox/5.0"
PATH="/home/SYSTEM/bin:/bin:/cygdrive/c/progra~2/php:/cygdrive/c/windows/
system32:..."
PATHEXT=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
PATH_INFO="/foo/bar"
PATH_TRANSLATED="C:\Program Files (x86)\Apache Software Foundation\
Apache2.2\htdocs\foo\bar"
QUERY_STRING="var1=value1&var2=with%20percent%20encoding"
REMOTE_ADDR="127.0.0.1"
REMOTE_PORT="63555"
REQUEST_METHOD="GET"
REQUEST_URI="/cgi-bin/printenv.pl/foo/bar?var1=value1&var2=with%20percent
%20encoding"
SCRIPT_FILENAME="C:/Program Files (x86)/Apache Software
Foundation/Apache2.2/cgi-bin/printenv.pl"
SCRIPT_NAME="/cgi-bin/printenv.pl"
SERVER_ADDR="127.0.0.1"
SERVER_ADMIN="(server admin's email address)"
SERVER_NAME="127.0.0.1"
SERVER_PORT="80"
SERVER_PROTOCOL="HTTP/1.1"
SERVER_SIGNATURE=""
SERVER_SOFTWARE="Apache/2.2.19 (Win32) PHP/5.2.17"
SYSTEMROOT="C:\Windows"
TERM="cygwin"
WINDIR="C:\Windows"
Some, but not all, of these variables are defined by the CGI standard. Some, such
as PATH_INFO , QUERY_STRING , and the ones starting with HTTP_ , pass information along from
the HTTP request.
From the environment, it can be seen that the Web browser is Firefox running on a Windows
7 PC, the Web server is Apache running on a system that emulates Unix, and the CGI script is
named cgi-bin/printenv.pl .
The program could then generate any content, write that to standard output, and the Web server
will transmit it to the browser.
The following are environment variables passed to CGI programs:
<!DOCTYPE html>
<html>
<body>
<form action="add.cgi" method="POST">
Enter two numbers to add:<br />
First Number: <input type="text" name="num1" /><br />
Second Number: <input type="text" name="num2" /><br />
<input type="submit" value="Add" />
</form>
</body>
</html>
#!/usr/bin/env python2
import cgi
import cgitb
cgitb.enable()
input_data = cgi.FieldStorage()
This Python 2 CGI gets the inputs from the HTML and adds the two numbers together.
Deployment[edit]
A Web server that supports CGI can be configured to interpret a URL that it serves as a reference
to a CGI script. A common convention is to have a cgi-bin/ directory at the base of the
directory tree and treat all executable files within this directory (and no other, for security) as CGI
scripts. Another popular convention is to use filename extensions; for instance, if CGI scripts are
consistently given the extension .cgi , the web server can be configured to interpret all such files
as CGI scripts. While convenient, and required by many prepackaged scripts, it opens the server
to attack if a remote user can upload executable code with the proper extension.
In the case of HTTP PUT or POSTs, the user-submitted data are provided to the program via
the standard input. The Web server creates a subset of the environment variables passed to it
and adds details pertinent to the HTTP environment.
Uses[edit]
CGI is often used to process inputs information from the user and produce the appropriate output.
An example of a CGI program is one implementing a Wiki. The user agent requests the name of
an entry; the Web server executes the CGI; the CGI program retrieves the source of that entry's
page (if one exists), transforms it into HTML, and prints the result. The web server receives the
input from the CGI and transmits it to the user agent. If the "Edit this page" link is clicked, the CGI
populates an HTML textarea or other editing control with the page's contents, and saves it
back to the server when the user submits the form in it.
Alternatives[edit]
Calling a command generally means the invocation of a newly created process on the server.
Starting the process can consume much more time and memory than the actual work of
generating the output, especially when the program still needs to be interpreted or compiled. If
the command is called often, the resulting workload can quickly overwhelm the server.
The overhead involved in process creation can be reduced by techniques such as FastCGI that
"prefork" interpreter processes, or by running the application code entirely within the web server,
using extension modules such as mod_perl or mod_php. Another way to reduce the overhead is
to use precompiled CGI programs, e.g. by writing them in languages such as C or C++, rather
than interpreted or compiled-on-the-fly languages such as Perl or PHP, or by implementing the
page generating software as a custom webserver module.
Alternative approaches include: