The Frequent Gateway Interface (CGI) is a typical defining how exterior packages can present info to net servers. CGI supplies a mechanism for net servers like Apache to trade information with programming languages equivalent to Perl.
CGI is one of the oldest parts of web infrastructure. It’s nonetheless extensively used at this time, regardless of having been outdated by newer options.
Internet server software program was historically restricted to serving static webpages. CGI scripts enabled the manufacturing of dynamic responses, created when a request is acquired.
Standardising HTTP Servers
CGI was designed to provide a standardised method for programming languages to entry HTTP server info. Any HTTP server may be paired with any programming language, offered they each adhere to the CGI spec.
CGI-enabled servers will deal with requests utilizing a course of much like the next:
- A brand new request is acquired:
- The online server recognises
instance.plas an executable CGI script, so it invokes the script.
- The Perl CGI script receives all the info in regards to the request, equivalent to its URL and HTTP headers.
instance.plscript runs; its output might be handed again to the online server for emission as an HTTP response.
The stream outlined above stands in stark distinction to an online server’s common operation. A primary request for
/instance.pl would return the content material of that file. If the file didn’t exist, you’d obtain a
404 response as a substitute.
When utilizing CGI, a request doesn’t have to map to an actual file on-disk. As an alternative, a user-defined program is run. This system has duty for producing the output to ship to the consumer. The online server is not involved with the precise content material of the response.
Info Exchanged By way of CGI
This system binary executed through CGI can entry varied information in regards to the incoming HTTP request. This consists of the URL, headers, question string and HTTP methodology, in addition to the distant consumer’s IP handle.
Server software program isn’t required to supply all information verbatim. The CGI specification permits servers to exclude headers from setting variables. This can be to omit delicate info – equivalent to the worth of the
Authorization header – or to keep away from redundancy when the identical info could possibly be accessed utilizing a devoted variable.
Along with information in regards to the request, CGI-compatible servers should additionally point out varied particulars about themselves. This consists of the title and model of the host server software program. Scripts might use these particulars as they see match.
Info is handed from the server to the CGI program as setting variables. This system accesses them in the identical method as some other setting variable. The server will run this system as a toddler means of itself, setting the setting variables earlier than calling the executable.
There may be one piece of knowledge which received’t be handed as an setting variable. The request physique will get particular therapy, because it could possibly be extraordinarily lengthy. This might be piped into the script on its normal enter stream. Scripts are knowledgeable how a lot information is out there through the
CONTENT_LENGTH setting variable.
As soon as the script processing completes, the CGI script returns an HTTP response to the server. This should be an entire HTTP response comprising headers and an optionally available physique. The script emits the response to its normal output stream. The server then sends the response again to the consumer over the HTTP connection.
The place’s CGI In the present day?
CGI helped carry in regards to the fashionable net. It offered an exceedingly easy solution to construct dynamic server-side scripts utilizing the applied sciences of the mid-90s. Not was a webpage a static HTML file.
CGI’s simplicity has helped it to endure within the many years since. CGI scripts stay in use, significantly inside legacy purposes based mostly on older languages. Expertise has not stood nonetheless although; CGI has been outdated by extra fashionable options which are higher suited to at this time’s net.
Conventional CGI creates an overhead which turns into problematic at scale. The CGI script is reloaded on each request, spawning a brand new course of which may exhaust assets on high-traffic websites.
CGI’s additionally restricted by way of the management it supplies to scripts. Scripts are solely capable of decide the response content material despatched again to the consumer. They’re unable to affect some other a part of the HTTP trade, equivalent to authentication or session administration.
Lastly, there are safety considerations. CGI scripts are usually executed as a toddler means of the server. This implies the server should be protected against script interference. Misconfiguration might give a script undesirable entry to different assets managed by the server, equivalent to its configuration and log information.
A lot of CGI’s points have been addressed by newer interface applied sciences. FastCGI was created to scale back the CGI overhead problem. It really works equally to CGI however doesn’t spawn a brand new course of for every request. As an alternative, the FastCGI server works independently of the online server, sustaining its personal set of persistent processes used to host the CGI scripts.
Elsewhere, particular person programming languages have carried out their very own server interfaces. These are instantly built-in into net servers, normally by way of optionally available modules. One instance is Apache’s
mod_perl, which supply native assist for these programming languages with out utilizing CGI (though each can be utilized through CGI).
Regardless of the emergence of those mechanisms, CGI does stay related. The simplicity on the core of its design has knowledgeable most subsequent efforts to enhance the general structure. Whilst you’re unlikely to come across CGI day-to-day in fashionable net programs, main net servers proceed to assist it and that appears unlikely to alter anytime quickly.