Prev Up Next
WARNING: CGI scripts without
appropriate safeguards can compromise your site's
security. The scripts presented here are simple
examples and are not assured to be secure for actual
Web use.
CGI scripts NCS are scripts that reside on a
web server and can be run by a client (browser). The
client accesses a CGI script by its URL, just as they
would a regular page. The server, recognizing that the
URL requested is a CGI script, runs it. How the server
recognizes certain URLs as scripts is up to the server
administrator. For the purposes of this text, we will
assume that they are stored in a distinguished
directory called cgi-bin. Thus, the script
testcgi.scm on the server www.foo.org would
be accessed as http://www.foo.org/cgi-bin/testcgi.scm.
The server runs the CGI script as the user nobody,
who cannot be expected to have any
PATH knowledge (which is highly subjective
anyway). Therefore the introductory magic line for a
CGI script written in Scheme needs to be a bit more
explicit than the one we used for ordinary Scheme
scripts. Eg, the line
":";exec mzscheme -r $0 "$@"
implicitly assumes that there is a particular shell
(bash, say), and that there is a PATH, and that
mzscheme is in it. For CGI scripts, we will need
to be more expansive:
#!/bin/sh
":";exec /usr/local/bin/mzscheme -r $0 "$@"
This gives fully qualified pathnames for the shell and
the Scheme executable. The transfer of control from
shell to Scheme proceeds as for regular scripts.
Prev Up Next