28.1. How and When to Use CGI
CGI is a powerful tool for any Web developer. Unfortunately, it can also be a powerful tool for a hacker looking to exploit your site. CGI can also be a source of server load; using CGI to deliver all of a site's content increases the load on its server considerably.
Here are some reasons to consider using CGI:
You need documents to provide dynamic content or interactive functions to your static documents.
You need content from other resources, databases, hardware, and so on.
You need more interactivity between your documents and their audience than straight XHTML technologies can provide.
That said, you should also consider the following before deploying a CGI solution:
Can client-side technologies (such as JavaScript) provide what you need?
Weigh the overall load on the server versus the need for the script. (Keep in mind that because most scripts are accessed via HTTP URLs, you can host the scripts on a server separate from the server delivering the XHTML documents.)
Using CGI presents an inherent security risk — even well-written scripts can contain vulnerabilities that leave your server exposed to hackers.
All that said, CGI provides a great resource to infuse your documents with interactivity and dynamic content.
One popular CGI technique to decrease server load is the use of Server Side Includes (SSI). SSI lets you to embed scripts in static documents, allowing the script to deliver the dynamic portion of the document but relying upon the standard ...
Get Web Standards Programmer's Reference: HTML, CSS, JavaScript®, Perl, Python®, and PHP now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
