Common Gateway Interface

Also found in: Acronyms, Wikipedia.

common gateway interface

[‚käm·ən ‚gāt‚wā ′in·tər‚fās]
(computer science)
A protocol that allows the secure data transfer to and from a server and a network user by means of a program which resides on the server and handles the transaction. For example, if an intranet user sent a request with a Web browser for database information, a CGI program would execute on the server, retrieve the information from the database, format it in HTML, and send it back to the user. Abbreviated CGI.

Common Gateway Interface

(World-Wide Web)
(CGI) A standard for running external programs from a World-Wide Web HTTP server. CGI specifies how to pass arguments to the program as part of the HTTP request. It also defines a set of environment variables that are made available to the program. The program generates output, typically HTML, which the web server processes and passes back to the browser. Alternatively, the program can request URL redirection. CGI allows the returned output to depend in any arbitrary way on the request.

The CGI program can, for example, access information in a database and format the results as HTML. The program can access any data that a normal application program can, however the facilities available to CGI programs are usually limited for security reasons.

Although CGI programs can be compiled programs, they are more often written in a (semi) interpreted language such as Perl, or as Unix shell scripts, hence the common name "CGI script".

Here is a trivial CGI script written in Perl. (It requires the "CGI" module available from CPAN).

#!/usr/bin/perl use CGI qw(:standard);

print header, start_html, h1("CGI Test"), "Your IP address is: ", remote_host(), end_html;

When run it produces an HTTP header and then a simple HTML page containing the IP address or hostname of the machine that generated the initial request. If run from a command prompt it outputs:

Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ""> <html xmlns="" lang="en-US" xml:lang="en-US"> <head> <title>Untitled Document</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> </head> <body> <h1>CGI Test</h1>Your IP address is: localhost </body> </html>

The CGI program might be saved as the file "" in the appropriate directory on a web server, e.g. "/home/httpd/test".

Accessing the appropriate URL, e.g., would cause the program to run and a custom page produced and returned.

Early web servers required all CGI programs to be installed in one directory called cgi-bin but it is better to keep them with the HTML files to which they relate unless they are truly global to the site. Similarly, it is neither necessary nor desirable for all CGI programs to have the extension ".cgi".

Each CGI request is handled by a new process. If the process fails to terminate for some reason, or if requests are received faster than the server can respond to them, the server may become swamped with processes. In order to improve performance, Netscape devised NSAPI and Microsoft developed the ISAPI standard which allow CGI-like tasks to run as part of the main server process, thus avoiding the overhead of creating a new process to handle each CGI invocation. Other solutions include mod_perl and FastCGI.

Latest version: CGI/1.1.
References in periodicals archive ?
Perl and Apache have been providing Common Gateway Interface (CGI) access to Web sites for 20 years and are constantly evolving to support the ever-changing demands of Internet users.
Nasdaq:NVTL), a leading provider of wireless broadband access solutions, today announced the availability of its MiFi Web server Common Gateway Interface (CGI) for the MiFi Developer Program.
Extensive Security Reports: Ships with pre-configured security reports including SANS Priority One, Common Gateway Interface (CGI) Banner exams and Remote Procedure Calls (RPC) scanner reports.
The interface itself is written using PHP, a widely used open source scripting language, resulting in much higher performance than is possible with Nagios' current interface built using Common Gateway Interface (CGI) scripts.
CGI Support: Common Gateway Interface is a standard way of passing parameters and executing a program module; -- HTML support: No programming is required to imbed a bar code image in a HTML page; -- Supports all Scripting Languages; -- Bar code rotation: bar codes can be rotated 90, 180, and 270 degrees on the web page.
The security checks contained in ESM for WebServers cover three major areas of Web server security vulnerabilities including Common Gateway Interface (CGI) programs, FTP utilities, and Bastion Host services.
For example, if a Web site's back-end common gateway interface (CGI) application is not responding, where traditional load balancers would direct all users past that server, ArrowPoint's Web switch keeps the server alive for non-CGI content requests, such as HTTP requests for the site's page.
They can be run on servers supporting the Common Gateway Interface (CGI) and are accessible on all popular browsers.
4, which now provides support for any third-party Web server that supports the Common Gateway Interface (CGI) or FastCGI protocol mechanism.
By accessing information at this level, ArrowPoint's Web switches can reliably bypass caches for non-cacheable content such as Common Gateway Interface (CGI), Active Server Pages (ASP), or database queries, and transmit these non-cacheable requests directly to the origin server.