CGI stands for Common Gateway Interface. It is a standard protocol for web servers to execute programs and generate output for web browsers. The program is referred to as a CGI program (or a CGI script). It executes on behalf of the web server to produce output when a particular URL is requested by the user’s web browser.
Benefits of CGIs
A CGI enhances a website in many ways. Starting from authenticating a user to providing a full scale shopping application, CGIs are at the very core of making the web dynamic and interactive. The following are some of the main benefits of using CGIs to enhance the user experience.
- Personalized to the user: The output can be personalized to each user. For example, a user may be checking his bank account balances, which may need to be retrieved from the database.
- Other types of personalization: The user may be using a mobile phone to access the website, and the output needs to be adjusted for the mobile phone resolution.
- Making updates: An update is performed as a result of a form POST (explained below). For example, you may be updating your Facebook status.
- Uploading files: A file uploaded by a user needs a CGI on the server end to handle the file upload request to store the file in a particular location.
- Generating output: In addition to output displayed in the browser, many websites offer additional forms of output, such as Word Document, PDF, etc. Some of these documents may need to be generated on the fly by CGIs, such as your telephone bill or credit card statement.
Serving Static Files vs. CGIs
Configuring Web Servers
A web server runs HTTP server software which provides the ability to serve out HTML files, as well as execute CGI programs to generate output on the fly. The HTTP server software is configured by the web server administrator to execute specific programs when URLs matching specific patterns are requested.
When a user’s browser makes a request to a particular URL, the browser sends a whole bunch of information, in the form of HTTP headers and possibly the HTTP body. Some of this may include:
- The browser type
- The user’s name if the user has logged in
- Any cookies previously stored by the web server
- Form variables if the request is a POST request
When a CGI is executed to fulfil this request, the server passed on all this information to the CGI program. The CGI may use some or all of this information to handle the request and personalize the output to the user.
Handling Form POSTs
A primary use of CGIs is to process HTML forms.
A HTML form is a user-interaction device and provides a variety of controls so the user can provide input. When the user clicks a Submit button (or something similar) on the form, the web browser aggregates the information in the form and sends it to the target URL indicated in the form. The web server, in turn, typically invokes a CGI program and sends all the input collected from the user. This interaction is called a form POST, a technical term indicating the method of sending the form contents to the CGI. The CGI processes the form contents and produces a suitable response to be sent to the browser.
A Sample CGI
The following is a sample CGI program written in python. It can be deployed to a web server so that it is accessible from a URL similar to: http://www.example.com/cgi-bin/env.cgi. When invoked, the CGI reports all the variables it received in its environment from the web server. This is about as simple as a CGI program can get.
#!/usr/bin/python import os print "Content-type: text/plain\n" for key in os.environ: print key, "=>\"", os.environ[key], "\""
The Evolution of CGIs
CGIs have been a part of web servers since almost the beginning of the web. The first ever web server, the NCSA HTTPd Web Server, started off with support for serving static files only. Subsequently, it was recognized that executing a script in response to a URL request allowed the web server to generate dynamic content, and the CGI specification was born.
The earliest CGI programs were simple scripts written in a language such as Perl, TCL, Shell, etc. It could also be written in a compiled language such as C/C++, but this required an additional step of compiling the program to create the executable CGI.
As CGIs became more complex, and the user demands increased, it was recognized that creating a separate CGI process for servicing each request was rather too heavy in terms of the memory and CPU overhead. Especially when servicing the request takes less time than the overhead of creating a new process.
At this point, web servers started to embed full-blown script interpreters so user requests could be handled in a separate thread within a single web server process. This improved the efficiency of the request servicing, and cut the response times.
This coincided with the arrival of new languages specifically designed for the web, such as PHP. The PHP interpreter started off life as a CGI program itself. As a part of request processing, it parses the requested file for PHP directives and executes the commands there-in.
Today, in addition to CGI scripts, there are many technologies used for executing code on the server in response to a request.
Are you using CGI scripts in any part of your company’s web site? Have you faced any particular issues with deploying or maintaining CGI scripts? Discuss below in the comments.