Outline
CGI Overview Between Client and Handler Lecture 8: CGI Between Web Server and Handler (Common Gateway Interface )
Wendy Liu CSC309F – Fall 2007
1 2
Common Gateway Interface (CGI)
CGI Overview http://www.oreilly.com/openbook/cgi/ Access to dynamic server-side content Services Data
3 4
1 Components of the CGI Model CGI Interaction (1) Clients Web browsers Web server Mediates communication between browsers and handler programs CGI Protocol Specifies interaction between Browser and handler programs Function call syntax Web server and handler programs Handler programs (or CGI scripts) Client sends request with a URL+additional info Any executables residing on the web server Web server receives the request Can be written in any language Web server identifies the request as a CGI request C, C++, Perl, VB, Python, SmallTalk, Assembly, Lisp, etc. Web server locates the handler program 5 6
CGI Interaction (2) CGI Interaction (3)
Web server starts up the handling program Handler program executes Heavy weight process creation Output of the handler is sent to the Web server via stdout Output is typically a web page Web server feeds request parameters to handler Web server returns output to the requesting web browser Through stdin or environment variables
7 8
2 Handling CGI Process CGI Example in Perl #!/local/bin/perl print "Content-type: text/html\n\n"; Main Process Request for print "\n"; Child Process for CGI1 CGI1 print "
\n";Request for print "
hello
\n"; Child Process for CGI2 CGI2 print "\n";Request for print "\n"; Child Process for CGI1 CGI1 In Web page
CGI-based Web Server Click to run CGI Cause the execution of the Perl script hello.pl
9 10
Client - Handler Interaction
Clients request the execution of a handler program by specifying A request method (e.g., GET, POST) Between Client and Handler Universal Resource Locator (URL) Locates the handler Indirect interaction Additional arguments Query string
11 12
3 Query String Encoding HTTP Methods
Query string is used to transmit data associated with GET a GET/POST request Query string attached to the URL after ‘?’ All arguments are packed into a single string As part of the URL Each argument is represented by a name-value pair as URL may have a length restriction on the server side name=value Arguments are separated by ampersand, & Limited amount of information can be passed name_1=value_1&name_2=value_2 Arguments appear in server logs Spaces in a name or value are replaced by a plus POST sign, + Query string encoded in the HTTP request body URLs cannot have spaces in them Not part of the URL Other characters (=, &, +) are replaced by a percent sign (%) followed by a two-digit hexadecimal value Arbitrarily long form data can be communicated Arguments usually do not appear in server logs
13 14
Forms Example: GET Forms Example: POST
On the Web page On the Web page
Request sent to web server Request sent to web server Assuming user enters: ‘abc’ and ‘123’ Assuming user enters: ‘abc’ and ‘123’ POST cgi-bin/login.pl HTTP/1.1 GET cgi-bin/login.pl?id=abc&password=12315 16
4 Web Server - Handler Interaction
Information about a request comes from Request line Header line Between Web Server and Handler Request-body (POST) Handler input Environment variables stdin (request body) Handler output stdout
17 18
Environment Variables Example –Perl Script AUTH_TYPE REMOTE_IDENT #!/local/bin/perl print "Content-type: text/plain\n\n"; CONTENT_LENGTH REMOTE_USER print "Environment\n"; CONTENT_TYPE REQUEST_METHOD @keys = keys %ENV; # variable names GATEWAY_INTERFACE @values = values %ENV; # variable values SCRIPT_NAME while (@keys) { PATH_INFO SERVER_NAME print pop(@keys), '=', pop(@values), "\n"; PATH_TRANSLATED } SERVER_PORT QUERY_STRING $request_method = $ENV{'REQUEST_METHOD'}; SERVER_PROTOCOL if ($request_method eq "POST") { REMOTE_ADDR $formsize = $ENV{'CONTENT_LENGTH'}; REMOTE_HOST SERVER_SOFTWARE read (STDIN, $form_info, $formsize); print "\nSTDIN\n" print $form_info; }
19 20
5 Example – Web Page Example – GET Request
HTTP/1.1 200 OKGET
Date: Mon, 01 Oct 2007 23:17:56 GMT Connection: Keep-Alive Content-Type: text/plainPOST
=Submit …21 22
Example – POST Request Important Announcement HTTP/1.1 200 OK Date: Mon, 01 Oct 2007 23:17:56 GMT Tuesday Oct 16, 2007 Server: Apache/1.3.29 (Unix) Last-Modified: Wed, 12 Sep 2007 20:32:21 GMT 2-hr tutorial given in a CDF lab, BA3185 Accept-Ranges: bytes Content-Length: 65 Thursday Oct 18, 2007 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Midterm, BA2195 Content-Type: text/plain Starting Tuesday Oct 23, 2007 Environment SERVER_PORT=80 The official lecture room will be BA2185 on each REQUEST_METHOD=POST … Tuesday until the end of term QUERY_STRING= No change to Thursdays’ classes (BA1240) … STDIN studentNum=a&id=b&password=234&returnFiles=on&submit=Submit
23 24
6