CGI and SSI
CGI, Common Gateway Interface, is a standard for executing scripts
from a web server. Every major web server supports it and it is the
only way to make script portable between web servers. Challenger
supports CGI scripts via the CGI executable support
module.
CGI addresses few of the security implications of programming on
the web. The programmer of the CGI script has to deal with them
herself. Thus CGI scripts have become a security problem. It is easy to
find, download and install CGI scripts that may have security
problems. Care has to be taken when designing and testing the CGI
script so it will be capable of handling any user input. On the web
you never know when someone will try giving your little script a few
megabytes of machine code as input.
Challenger makes it possible to combine CGI programming with the
unique functionality present in Challenger. Either the output of CGI
scripts can be parsed by the RXML parser. Or the CGI script itself can
be invoked from within RXML with the <cgi> tag. It is even
possible to define new tags handled via CGI scripts by combining the
<define> tag with the <cgi> tag.
|