1 / 11

Web Server Design Week 14

Web Server Design Week 14. Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein <mklein@cs.odu.edu> 4/14/10. GET /foo.cgi HTTP/1.1. foo.cgi. 200 OK. Common Gateway Interface. A method for remotely invoking executable programs on a server

keely
Télécharger la présentation

Web Server Design Week 14

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Web Server DesignWeek 14 Old Dominion University Department of Computer Science CS 495/595 Spring 2010 Martin Klein <mklein@cs.odu.edu> 4/14/10

  2. GET /foo.cgi HTTP/1.1 foo.cgi 200 OK Common Gateway Interface • A method for remotely invoking executable programs on a server • A long-time convention • http://web.archive.org/web/20071023072800/http://hoohoo.ncsa.uiuc.edu/cgi/ • finally defined in RFC 3875 client server

  3. CGI Invocation • How Apache does it: • http://httpd.apache.org/docs/2.0/mod/mod_cgi.html • We’ll live slightly more dangerously: • any executable (non-directory) file can be invoked as CGI with: • POST • GET w/ query string • e.g. /a/b/c.cgi?var1=foo&var2=bar

  4. CGI Operation • The CGI program is responsible for returning (on STDOUT) some combination of its own headers: • Content-type • Location • Status • and other locally-defined headers • Script-returned headers are: • collected by the server • processed; e.g.: • “Location” -> HTTP/1.1 302 Found • Status -> HTTP response code line • combined with the server’s headers • Resulting headers are returned to the client

  5. Status % more status.cgi #!/usr/bin/perl print "Status: 678 This is not a real HTTP status code\n\n"; mk$ telnet www.cs.odu.edu 80 Trying 128.82.4.2... Connected to xenon.cs.odu.edu. Escape character is '^]'. GET /~mklein/teaching/cs595-s10/cgi/status.cgi HTTP/1.1 Host: www.cs.odu.edu Connection: close HTTP/1.1 678 This is not a real HTTP status code Date: Wed, 14 Apr 2010 13:55:05 GMT Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.11 Content-Length: 0 Connection: close Content-Type: text/plain Connection closed by foreign host.

  6. Location % more location.cgi #!/usr/bin/perl print "Location: http://www.cs.odu.edu/~mklein/\n\n"; mk$ telnet www.cs.odu.edu 80 Trying 128.82.4.2... Connected to xenon.cs.odu.edu. Escape character is '^]'. GET /~mklein/teaching/cs595-s10/cgi/location.cgi HTTP/1.1 Host: www.cs.odu.edu Connection: close HTTP/1.1 302 Found Date: Wed, 14 Apr 2010 13:58:01 GMT Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.11 Location: http://www.cs.odu.edu/~mklein/ Content-Length: 309 Connection: close Content-Type: text/html; charset=iso-8859-1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="http://www.cs.odu.edu/~mklein/">here</a>.</p> <hr> <address>Apache/2.2.14 (Unix) DAV/2 PHP/5.2.11 Server at www.cs.odu.edu Port 80</address> </body></html> Connection closed by foreign host.

  7. Content-type % more ls.cgi #!/usr/bin/perl print "Content-type: text/plain\n\n"; $ls = `ls -alR`; print "$ls\n"; mk$ telnet www.cs.odu.edu 80 Trying 128.82.4.2... Connected to xenon.cs.odu.edu. Escape character is '^]'. HEAD /~mklein/teaching/cs595-s10/cgi/ls.cgi HTTP/1.1 Host: www.cs.odu.edu Connection: close HTTP/1.1 200 OK Date: Wed, 14 Apr 2010 14:01:57 GMT Server: Apache/2.2.14 (Unix) DAV/2 PHP/5.2.11 Connection: close Content-Type: text/plain Connection closed by foreign host.

  8. CGI Environment • Section 4.1, RFC 3875 • AUTH_TYPE, CONTENT_LENGTH, CONTENT_TYPE, GATEWAY_INTERFACE, PATH_INFO, PATH_TRANSLATED, QUERY_STRING, REMOTE_ADDR, REMOTE_HOST, REMOTE_IDENT, REMOTE_USER, REQUEST_METHOD, SCRIPT_NAME, SERVER_NAME, SERVER_PORT, SERVER_PROTOCOL, SERVER_SOFTWARE • In practice, slightly different: • http://www.cs.odu.edu/~mklein/teaching/cs595-s10/cgi/env.cgi

  9. How to Customize the Environment? • C: • fork() & execve() • Perl: • set %ENV • fork() & exec() • Python: • set %ENV • fork () & execve() • Others??? • please share w/ the list

  10. ENV & CGI Examples #!/usr/bin/perl print "Content-type: text/html\n\n"; foreach $key (keys (%ENV)) { print "$key = $ENV{$key} <br>\n"; } while (<STDIN>) { print "$_<br>\n"; } {GET, POST} X {multipart/form-data, application/x-form-www-urlencoded} http://www.cs.odu.edu/~mklein/teaching/cs595-s10/cgi/

  11. Advanced Topics: “Soft 404s” • foo.edu/lookup.php?key=123456 • what http status code do you return if: • script “lookup.php” exists and has no syntax errors • but key 123456 is deleted or invalid • Semantic events: • http - 200 • database - bad key • reading: • “Sic Transit Gloria Telae: Towards an Understanding of the Web’s Decay” • http://doi.acm.org/10.1145/988672.988716

More Related