Description: Common Gateway Interface: a set of rules describing how a Web server communicates with another program. The communication is bi-directional and usually involves the following steps:

- Data is entered by the user in a form.
- The action attached to the form is the CGI program.
- This performs some tasks (search for pages, access a database, ...).
- It then returns output in HTML format, ready to be displayed by the browser.

CGI programs are often written in a scripting language such as Perl, hence the name "CGI scripts". A simple CGI description is at: http://bignosebird.com/lscgi.shtml.

CGI is an important source of attacks. See the following articles:

- How to remove metacharacters from user-supplied data in CGI scripts: http://www.cert.org/tech_tips/cgi_metacharacters.html
- CGI FAQ: http://www.w3.org/Security/Faq/wwwsf4.html
- CGI secure programming: http://www.n3t.net/programming/
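The steps above as a small CGI program, with user-supplied data filtered through an allow-list before it is used or echoed back. This is an added example, not code from the original page or the linked articles; it is written in Python rather than Perl, and the field name `q`, the allowed character set and the length limit are assumptions.

```python
#!/usr/bin/env python3
"""Minimal CGI program: form data in via the environment, HTML out on stdout."""
import html
import os
import re
import sys
from urllib.parse import parse_qs

# Assumed allow-list for the hypothetical "q" field; anything else becomes "_".
NOT_ALLOWED = re.compile(r"[^A-Za-z0-9_.@ -]")
MAX_LEN = 64  # assumed upper bound for the field


def clean(value):
    """Keep only allow-listed characters rather than stripping known-bad ones."""
    return NOT_ALLOWED.sub("_", value[:MAX_LEN])


def handle(environ):
    """Build the CGI response (header, blank line, HTML body) for a GET form."""
    # Steps 1-2: the server passes the submitted form data in QUERY_STRING.
    fields = parse_qs(environ.get("QUERY_STRING", ""), keep_blank_values=True)
    term = clean(fields.get("q", [""])[0])
    # Step 3: the task (search, database lookup, ...) would run here. Pass
    # `term` as a bound parameter or an argv element, never spliced into a
    # shell command line or SQL string.
    # Step 4: return HTML, escaping the value for the context it is written to.
    body = "<html><body><p>You searched for: {}</p></body></html>".format(
        html.escape(term, quote=True))
    return "Content-Type: text/html; charset=utf-8\r\n\r\n" + body


if __name__ == "__main__":
    # The web server sets QUERY_STRING and relays stdout to the browser.
    sys.stdout.write(handle(os.environ))
```

The allow-list removes shell and HTML metacharacters in one pass; the `html.escape` call stays in place so that widening the allow-list later does not reintroduce unescaped output.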