What is CGI?

The Common Gateway Interface (CGI) is an in­ter­sec­tion between web servers through which the stan­dard­ized data exchange between external ap­pli­ca­tions and servers is possible. It belongs to the oldest existing online interface tech­nolo­gies and is still used regularly today. When using CGI, HTML pages do not need to be stored on a server, but can be dy­nam­i­cal­ly created as and when a user makes a website query.

Examples of ap­pli­ca­tion of a Common Gateway Interface

• Shopping basket: When a customer adds a product to their online shopping basket, the in­for­ma­tion is au­to­mat­i­cal­ly processed by a CGI script and sent to the server.
• Comments: When a user fills in a com­men­tary section and hits “Send,” the text is first trans­mit­ted to a CGI script which then transfers it to the server.
• Forms: Entries in online forms used for ap­pli­ca­tions or messages are first processed by the Common Gateway Interface before they are trans­mit­ted to the server.
• Website sta­tis­tics: If a website displays visitor hit rates, it will typically be using a CGI.
• Server Side Includes: Thanks to Common Gateway In­ter­faces, text content can be loaded to a website dy­nam­i­cal­ly.
• Software tests: De­vel­op­ers are able to use CGI scripts to test functions of external online ap­pli­ca­tions for websites via their browser.

Whether a script is being processed or not is apparent by checking the URL. Even users with little or no pro­gram­ming knowledge are able to recognize a script that is being processed. Using a dedicated string of char­ac­ters, the server receives all the relevant in­for­ma­tion from the script. We generally dis­tin­guish between three different methods of data transfer:

• QUERY_STRING: used for most user queries
• PATH_INFO: used to transmit con­tex­tu­al in­for­ma­tion to a website
• Stdin: used to processed ad­di­tion­al user entries

Despite its age, the Common Gateway Interface is among the most commonly used in­ter­faces in web de­vel­op­ment. Even though the tech­nol­o­gy offers plenty of ad­van­tages, it does have some drawbacks.

CGI is a simple and effective method to generate dynamic website content. At the same time, CGI ap­pli­ca­tions do not have to be saved on a server, so that no resources are un­nec­es­sar­i­ly being used. In addition, the Common Gateway Interface is com­pat­i­ble with multiple pro­gram­ming languages which are easily in­te­grat­ed into the existing in­fra­struc­ture. Last but not least, the open-source standard is free of charge and can be used by de­vel­op­ers instantly.

Among the greatest weak­ness­es of Common Gateway In­ter­faces is that the time to reply to CGI ap­pli­ca­tions can be rel­a­tive­ly lengthy. The program needs to be restarted with each new entry. This can be a problem for websites ex­pe­ri­enc­ing high traffic where servers often only support a handful of CGI ap­pli­ca­tions at a time and ad­di­tion­al queries are added to a queue or are rejected.

The Common Gateway Interface, much like any interface, can present a security risk if no ad­di­tion­al safety measures are in place. The­o­ret­i­cal­ly, external programs gain access to web server data via CGI. Therefore, re­stric­tions should be in place for CGI scripts to not cause any damage.

Over the last few years, various interface tech­nolo­gies have been developed that expand on CGI. At the same time, they are trying to address one of its main short­com­ings: reloading the script with each new user query.

ASP (Active Server Pages): ASP was developed by Microsoft for its own server, but is now available for different types of servers. The ASP in­ter­preter is in­te­grat­ed in the web server, so that a new process does not need to be started for its use. ASP commands can be directly written into the HTML pages. Much like CGI, ASP can be used across multiple pro­gram­ming languages.

PHP: Besides Perl, PHP is among the most widely-used script languages in web de­vel­op­ment. Much of what a CGI script can do, PHP can do too. The PHP in­ter­preter, however, is directly in­te­grat­ed with the web server.

Cold­Fu­sion: Cold­Fu­sion was orig­i­nal­ly developed for Windows, but is now available for various Unix platforms as well. The Cold­Fu­sion In­ter­preter is in­te­grat­ed into the web server, much like the other CGI al­ter­na­tives. Using existing tags or in­di­vid­ual control elements, HTML pages can be modified. In addition, Cold­Fu­sion provides de­vel­op­ers with a series of standard functions.

FastCGI: When using FastCGI, dynamic queries from a web server can be directly processed via a Perl interface without the processor having to be restarted. FastCGI is CGI com­pat­i­ble and is supported by a range of web servers.