Prev Up Next

WARNING: CGI scripts without appropriate safeguards can compromise your site's security. The scripts presented here are simple examples and are not assured to be secure for actual Web use.

CGI scripts NCS are scripts that reside on a web server and can be run by a client (browser). The client accesses a CGI script by its URL, just as they would a regular page. The server, recognizing that the URL requested is a CGI script, runs it. How the server recognizes certain URLs as scripts is up to the server administrator. For the purposes of this text, we will assume that they are stored in a distinguished directory called cgi-bin. Thus, the script testcgi.scm on the server www.foo.org would be accessed as http://www.foo.org/cgi-bin/testcgi.scm.

The server runs the CGI script as the user nobody, who cannot be expected to have any PATH knowledge (which is highly subjective anyway). Therefore the introductory magic line for a CGI script written in Scheme needs to be a bit more explicit than the one we used for ordinary Scheme scripts. Eg, the line

":";exec mzscheme -r $0 "$@"

implicitly assumes that there is a particular shell (bash, say), and that there is a PATH, and that mzscheme is in it. For CGI scripts, we will need to be more expansive:

#!/bin/sh
":";exec /usr/local/bin/mzscheme -r $0 "$@"

This gives fully qualified pathnames for the shell and the Scheme executable. The transfer of control from shell to Scheme proceeds as for regular scripts.

Prev Up Next

Log in or register to write something here or to contact authors.