Application notes

Processing CGI on a web-server.

The problem

The Common Gateway Interface, or “CGI” as it’s more commonly known, is a method often used for processing user requests on a web-server, such as form submissions. The protocol is simple, and CGI scripts are often written in “perl” or “bash”. While this works well, one disadvantage of such use is that the server-side script is left in plain-text, and is therefore vulnerable to modification or disclosure of intellectual property should the server be compromised.

The 8th solution

8th programs can be run as “scripts”, just as a bash or perl program may. However, 8th also lets Professional and Enterprise customers produce an encrypted binary of the script, thereby both protecting the encrypted script from modification, making it much more difficult to derive information from it and easing deployment.

The actual 8th code for the CGI sample is here; you may view it with any text-editor you like. A few highlights from the code will be mentioned below.

First, note the #! /usr/local/bin/8th line at the top of the script. It tells the Linux (or Raspberry Pi) system you’re running on that it should use the 8th binary located in /usr/local/bin to run the script. If you are running the script as an encrypted binary, that line is superfluous (though harmless: the #! word is considered a comment in 8th).

Second, note that all POST or GET variables passed to the script are folded into a single map variable called “vars”. Accessing any variable then simply requires a phrase such as

vars @ "HTTP_FROM" m:@
for instance, to access the “HTTP_FROM” CGI variable.

Third, note the use of quote to conveniently handle multi-line HTML for output. The response header as well the start of the body are given at the same time.

Learn more

To find out more about 8th and how it can help meet your application development needs, please refer to the manual, browse this site or the 8th forum, or contact us.