Dr Subhash Technical Campus

Faculty of BCA

CGI
 CGI is the abbreviation of Common Gateway Interface. It is a specification for
transferring information between a World Wide Web server and a CGI program. A CGI
program is any program designed to accept and return data that conforms to the CGI
specification. The program could be written in any programming language,
including C, Perl, Java, or Visual Basic.
 CGI programs are the most common way for Web servers to interact dynamically with
users. Many HTML pages that contain forms, for example, use a CGI program to process
the form's data once it's submitted. Another increasingly common way to
provide dynamic feedback for Web users is to include scripts or programs that run on the
user's machine rather than the Web server. These programs can be Java applets, Java
scripts, or ActiveX controls. These technologies are known collectively as client-
side solutions, while the use of CGI is a server-side solution because the processing
occurs on the Web server.
 One problem with CGI is that each time a CGI script is executed, a new process is
started. For busy websites, this can slow down the server noticeably. A more efficient
solution, is to use Java servlets.

Servlet over CGI

Convenient
Servlets have an extensive infrastructure for automatically parsing and decoding HTML form
data, reading and setting HTTP headers, handling cookies, tracking sessions, In CGI, you have to
do much of this yourself.

Powerful
Servlets support several capabilities that are difficult or impossible to accomplish with regular
CGI. Servlets can talk directly to the Web server, whereas regular CGI programs cannot, at least
not without using a server-specific API. Multiple servlets can also share data, making it easy to
implement database connection pooling and similar resource-sharing optimizations. Servlets can

Prepared By:Prof.Shweta Joshi Page 1

also maintain information from request to request, simplifying techniques like session tracking
and caching of previous computations.

Portable
Servlets are written in the Java programming language and follow a standard API. Servlets
are supported directly or by a plugin on virtually every major Web server. Consequently,
servlets written for, say, Macromedia JRun can run virtually unchanged on Apache Tomcat,
Microsoft Internet Information Server (with a separate plugin), IBM WebSphere, iPlanet
Enterprise Server, Oracle9i AS, or StarNine WebStar.

Inexpensive
A number of free or very inexpensive Web servers are good for development use or deployment
of low- or medium-volume Web sites. Thus, with servlets and JSP you can start with a free or
inexpensive server and migrate to more expensive servers with high-performance capabilities or
advanced administration utilities only after your project meets initial success.

Secure
One of the main sources of vulnerabilities in traditional CGI stems from the fact that the
programs are often executed by general-purpose operating system shells. So, the CGI
programmer must be careful to filter out characters such as backquotes and semicolons that are
treated specially by the shell. Implementing this precaution is harder than one might think, and
weaknesses stemming from this problem are constantly being uncovered in widely used CGI
libraries. some CGI programs are processed by languages that do not automatically check array
or string bounds. For example, in C and C++ it is perfectly legal to allocate a 100-element array
and then write into the 999th “element,” which is really some random part of program memory.
So, programmers who forget to perform this check open up their system to deliberate or
accidental buffer overflow attacks.

Mainstream
Servlet and JSP technology is supported by servers from Apache, Oracle, IBM, Sybase, They run
on Windows, Unix/Linux, MacOS, VMS, and IBM mainframe operating systems. They are the
single most popular application of the Java programming language. They are arguably the most
popular choice for developing medium to large Web applications. They are used by the airline
industry (most United Airlines and Delta Airlines Web sites), e-commerce (ofoto.com), online
banking (First USA Bank, Banco Popular de Puerto Rico), Web search engines/portals
(excite.com), large financial sites (American Century Investments),and hundreds of other sites
that you visit every day.
Prepared By:Prof.Shweta Joshi Page 2