Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Exercise session week 2 Introduction to CGI and EiffelWeb.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Exercise session week 2 Introduction to CGI and EiffelWeb."— Presentation transcript:

1 Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Exercise session week 2 Introduction to CGI and EiffelWeb Marco Piccioni

2 Introduction to CGI and EiffelWeb 2 CGI Some things that you may have heard about Common Gateway Interface:  It is an old technology  It is a slow technology  It has some security issues

3 Introduction to CGI and EiffelWeb 3 CGI: some history  Yes, CGI is a pretty old technology  Arose from discussions on a mailing list in 1993  Rob McCool drafted the initial specification and provided a reference implementation in the NCSA HTTPd web server  It allowed the creation of the first dynamic web site  HTTPd was discontinued in 1998, but its code lived for a while in the Apache project  Apache now runs approximately two-thirds of the internet web servers

4 Introduction to CGI and EiffelWeb 4 CGI: is it really slow?  It can be slow, mainly because:  It spawns a new process on the server at each request  As a consequence, it limits resource reuse techniques, like reusing db connections, in-memory caching, etc.  This problem is relevant with interpreted languages, and has been addressed in two ways:  Storing compiled versions of the scripts on the server at first invocation  Embedding the interpreter directly into the web server so that it can be executed without creating a new process  The problem is irrelevant with compiled languages

5 Introduction to CGI and EiffelWeb 5 CGI and security  CGI scripts that you deploy may (un)intentionally leak information that can help hackers break in  It is safer to keep CGI scripts in one directory (typically cgi-bin), setting permissions so that only the administrator can install them  Scripts sources kept in a server directory might be read, understood and modified by a hacker  Again, this problem is much less relevant with compiled languages, because in the cgi-bin directory you have just a binary file

6 Introduction to CGI and EiffelWeb 6 CGI: who is using it?  Anyone who is not using Java or.NET, more or less  As an example, you may pick a Wiki, or Hotmail  It is supported by many programming languages:  Interpreted  Any Unix shell, AppleScript  Perl, PHP, Python, Ruby  Compiled  Fortran, Pascal, RPG, TCL, Visual Basic  C, C++, Eiffel

7 Introduction to CGI and EiffelWeb 7 CGI Basics  The Common Gateway Interface (CGI) is a standard protocol for interfacing external application software with an information server, commonly a web server  This allows the server to pass requests from a client web browser to the external application  The web server can then return the output from the application to the web browser.

8 Introduction to CGI and EiffelWeb 8 How CGI works  Taking the Web server's point of view, certain locations (e.g. http://www.sample.com/cgi-bin/sample.cgi) are defined to be served by a CGI program.  Whenever a request to a matching URL is received, the corresponding program is called, with any data that the client sent as input.  Output from the program is collected by the Web server, augmented with appropriate headers, and sent back to the client.

9 Introduction to CGI and EiffelWeb 9 A first look to the classes we will need  Here are the most important EiffelWeb library classes that we will need to build the application:  CGI_INTERFACE  CGI_ENVIRONMENT  CGI_FORMS  HTML_PAGE  CGI_RESPONSE_HEADER

10 Introduction to CGI and EiffelWeb 10 BON diagram: the classes we will need

11 Introduction to CGI and EiffelWeb 11 EiffelWeb: Accessing input values  The browser sends a stream containing the data relative to the user entry and selection that will be available at the application start.  EiffelWeb stores each data element and its associated name within a hash table, the feature form_data of class CGI_INTERFACE.

12 Introduction to CGI and EiffelWeb 12 Class CGI_FORMS  You can access values of input data from your code with the interface defined in class CGI_FORMS  It allows you to:  Retrieve text entries (text fields, passwords, text areas)  Know whether a button was pressed or not  …

13 Introduction to CGI and EiffelWeb 13 Class CGI_ENVIRONMENT  Much of the information needed by CGI applications is made available via environment variables  In class CGI_ENVIRONMENT you can find some useful piece of information about:  Request method (GET, POST, etc)  Query string (parameters after “?” In URLs)  HTTP content length and type  Cookies (to manage sessions)  …

14 Introduction to CGI and EiffelWeb 14 Building responses: HTML_PAGE  The response has to contain an HTTP header in order to be understood by the browser.  Responses may include an HTML page, a re-direction or an error notification  You can use class HTML_PAGE to build an HTML page.

15 Introduction to CGI and EiffelWeb 15 Sending responses to the browser  You may then send the header followed by your text using the features send_to_browser of class CGI_RESPONSE_HEADER: response_header.generate_text_header response_header.send_to_browser response_header.Output.put_string (page.out)

16 Introduction to CGI and EiffelWeb 16 What you will need  EiffelStudio 5.7: for Mac, Linux, or Windows users with a Microsoft C compiler (e.g. with Microsoft VisualStudio installed)  https://www2.eiffel.com/download https://www2.eiffel.com/download  EiffelStudio 6.0 beta: for Windows users that do not have a Windows compiler installed; the second link is for getting a free Microsoft C compiler (comes with SDK)  http://eiffelsoftware.origo.ethz.ch/downloads/builds/ http://eiffelsoftware.origo.ethz.ch/downloads/builds/  http://eiffelsoftware.origo.ethz.ch/index.php/Installing_Micros oft_C_compiler http://eiffelsoftware.origo.ethz.ch/index.php/Installing_Micros oft_C_compiler  A nice Apache web server / MySQL distribution:  www.apachefriends.org/en/xampp.htmlwww.apachefriends.org/en/xampp.html  ODBC MySQL drivers  http://dev.mysql.com/downloads/connector/odbc/3.51.html http://dev.mysql.com/downloads/connector/odbc/3.51.html

17 Introduction to CGI and EiffelWeb 17 Compiling the example  Launch EiffelStudio.  Click Add project  Browse to $ISE_EIFFEL\examples\web\basic\.  $ISE_EIFFEL is the EiffelStudio installation dir  Choose web.ecf  Choose the location where the project will be compiled, by default the same directory containing the configuration file.  Compile using the option Project/Finalize…/ and answer “Yes” to the following question (C compilation & linking)  Also choose to keep assertions in the following window  Pick the binary in dir $ISE_EIFFEL\examples\web\EIFGENs\web\F_code

18 Introduction to CGI and EiffelWeb 18 Compiling the example: solving a little bug  If you are working with Eiffelstudio 5.7 under Windows you will probably have a problem.  Reason: some refactoring was performed for some library classes and directories, without consequently updating the xml configuration file called web.ecf in  $ISE_EIFFEL/library/web  Solution: in this web.ecf (note that there are two files with the same name in different dirs), delete the following line and recompile: 

19 Introduction to CGI and EiffelWeb 19 Installing and running the example  Copy the binary file web.exe (if you are working under windows, otherwise the binary file called web) in the cgi- bin directory of your web server  Copy the file sample.html in a directory on the web server (default for xampp is “htdocs”)  Access the page sample.html that you copied on the web server with a web browser:  http://localhost/sample.html

20 Introduction to CGI and EiffelWeb 20 Browsing the sample html EiffelWEB Example Please enter your name in the box below:

21 Introduction to CGI and EiffelWeb 21 Browsing the source code class SAMPLE inherit CGI_INTERFACE --this provides the basic support create make -- we are using feature make from CGI_INTERFACE feature -- Access Debug_mode: BOOLEAN is True --The only way to debug: assertions! -- Should exception trace be displayed in case a crash occurs? page: HTML_PAGE -- Page that is sent back to the browser. feature -- Basic Operations --see next page- - end -- class SAMPLE

22 Introduction to CGI and EiffelWeb 22 The main feature: execute execute is -- Perform form entries processing, and send back the answer to the browser. do if field_defined ("name") then create page.make -- Add the and tags. page.add_html_code (" EiffelWEB Example ") -- Display the name entered in the body of the page. page.add_html_code (" Hello " +text_field_value ("name") +" ") end --see next page- -

23 Introduction to CGI and EiffelWeb 23 The main feature: execute -- the response is now sent back to the browser response_header.generate_text_header response_header.send_to_browser response_header.Output.put_string (page.out) rescue --in case something goes terribly wrong io.error.putstring ("crash in `compute' from DOWNLOAD_INTERACTION%N") end --end of feature execute— end -- class SAMPLE

24 Introduction to CGI and EiffelWeb 24 A closer look to the code  Here are the most important EiffelWeb library classes that we will need to build the application:  CGI_INTERFACE  CGI_ENVIRONMENT  CGI_FORMS  HTML_PAGE  CGI_RESPONSE_HEADER

25 Introduction to CGI and EiffelWeb 25 EiffelWeb: Accessing input values  The browser sends a stream containing the data relative to the user entry and selection at the applications start.  EiffelWeb stores each data element and its associated name within a hash table, the feature form_data of class CGI_INTERFACE.

26 Introduction to CGI and EiffelWeb 26 Class CGI_INTERFACE deferred class CGI_INTERFACE inherit CGI_ENVIRONMENT BASIC_ROUTINES export {NONE} all -- all features from BASIC_ROUTINES are private now end CGI_FORMS CGI_ERROR_HANDLING feature -- Initialization --see next page- -

27 Introduction to CGI and EiffelWeb 27 Feature make in class CGI_INTERFACE feature -- Initialization make is -- Initiate input data parsing and process information. local retried: BOOLEAN do if not retried then parse_input execute -- this is deferred in class CGI_INTERFACE else if debug_mode then handle_exception end rescue retried := True retry end

28 Introduction to CGI and EiffelWeb 28 Other features of class CGI_INTERFACE execute is -- Process user provided information. deferred end feature {CGI_INTERFACE} -- Access: note the restricted visibility debug_mode: BOOLEAN is -- Is Current application executed in debug mode? deferred end feature {CGI_FORMS} -- Access: note the restricted visibility form_data: HASH_TABLE [LINKED_LIST [STRING], STRING] -- User provided data.

29 Introduction to CGI and EiffelWeb 29 Class CGI_ENVIRONMENT  Much of the information needed by CGI applications is made available via environment variables  In class CGI_ENVIRONMENT you can find some useful piece of information about:  Request method (GET, POST, etc)  Query string (parameters after “?” In URLs)  HTTP content length and type  Cookies  …

30 Introduction to CGI and EiffelWeb 30 Class CGI_ENVIRONMENT: interface class interface CGI_ENVIRONMENT create default_create feature -- Cookies cookies: HASH_TABLE [STRING_8, STRING_8] -- Cookie Information relative to data. feature -- Environment variable setting set_environment_variable (variable, val: STRING_8) -- Set environment variable `variable' to `val'.

31 Introduction to CGI and EiffelWeb 31 Environment variables feature -- Headerline based environment variables http_accept: STRING_8 -- MIME types which the client will accept. http_user_agent: STRING_8 -- Browser the client is using to send the request. feature -- Not request-specific environment variables gateway_interface: STRING_8 -- Revision of the CGI specification to which this server complies. server_name: STRING_8 -- Server's hostname, DNS alias, or IP address. server_software: STRING_8 -- Name and version of information server answering the request.

32 Introduction to CGI and EiffelWeb 32 Request specific environment variables feature -- Request specific environment variables auth_type: STRING_8 -- Protocol-specific authentication method used to validate user. content_length: STRING_8 -- Length of the said content as given by the client. content_type: STRING_8 -- Content type of data. path_info: STRING_8 -- Extra path information, as given by the client. path_translated: STRING_8 -- Translated version of PATH_INFO provided by server. query_string: STRING_8 -- Information which follows ? in URL referencing CGI program. remote_addr: STRING_8 -- IP address of the remote host making the request.

33 Introduction to CGI and EiffelWeb 33 Class CGI_ENVIRONMENT: features remote_host: STRING_8 -- Hostname making the request. remote_ident: STRING_8 -- User name retrieved from server if RFC 931 supported. remote_user: STRING_8 -- Username, if applicable. request_method: STRING_8 -- Method with which the request was made. script_name: STRING_8 -- Virtual path to the script being executed. server_port: STRING_8 -- Port number to which request was sent. server_protocol: STRING_8 -- Name and revision of information protocol of this request.

34 Introduction to CGI and EiffelWeb 34 Class CGI_FORMS  You can access values of input data from your code with the interface defined in class CGI_FORMS  It allows you to:  Retrieve text entries (text fields, passwords, text areas)  Know whether a button was pressed or not  …

35 Introduction to CGI and EiffelWeb 35 Useful features in class CGI_FORMS deferred class interface CGI_FORMS feature -- Access button_value (field_name: STRING_8; overriding_value: STRING_8): BOOLEAN -- Is Button relative to 'field_name' selected ? menu_values (field_name: STRING_8): LINKED_LIST [STRING_8] -- Selected values for a list, whose name -- is 'field_name'. text_field_value (field_name: STRING_8): STRING_8 -- First (unique?) value for a text field. -- Applies for a password and a text area too. feature -- Implementation form_data: HASH_TABLE [LINKED_LIST [STRING_8], STRING_8] -- Table in which is contained all the information -- relative to the different user inputs.

36 Introduction to CGI and EiffelWeb 36 Other features in class CGI_FORMS --follows from preceding page- - feature -- Advanced Access fields: ARRAY [STRING_8] -- Names of fields in the form. value_count (field_name: STRING_8): INTEGER_32 -- Number of values for a field. value_list (field_name: STRING_8): LINKED_LIST [STRING_8] -- List of values for a field. feature -- Report field_defined (field_name: STRING_8): BOOLEAN -- Is field `field_name' defined? end -- class CGI_FORMS

37 Introduction to CGI and EiffelWeb 37 Building responses: HTML_PAGE  The response has to contain an HTTP header in order to be understood by the browser.  Responses may include an HTML page, a re-direction or an error notification  You can use the class HTML_PAGE to build an HTML page.

38 Introduction to CGI and EiffelWeb 38 Class HTML_PAGE class interface HTML_PAGE create make, make_from_template feature -- Initialization make -- Create an HTML page. make_from_template (fi_n: STRING_8) -- Create an HTML page from a template whose path name is -- 'fi'. The template may contains special symbols/words, which -- will allow smart replacing (see feature 'replace'). feature -- Access out: STRING_8 -- Usable copy of the output.

39 Introduction to CGI and EiffelWeb 39 Class HTML_PAGE: features feature -- Basic Operations add_html_code (s: STRING_8) -- Add html code 's'. insert_hidden_field (name, value: STRING_8) -- Insert hidden field with name 'name' and value 'value'. replace_marker (a_marker, s: STRING_8) -- Replace marker 'a_marker' by string 's' -- within the template. -- Do nothing if it does not exist. end -- class HTML_PAGE

40 Introduction to CGI and EiffelWeb 40 Sending responses to the browser  You may then send the header followed by your text using the features send_to_browser of class CGI_RESPONSE_HEADER: response_header.generate_text_header response_header.send_to_browser response_header.Output.put_string (page.out)

41 Introduction to CGI and EiffelWeb 41 Class CGI_RESPONSE_HEADER class interface CGI_RESPONSE_HEADER create default_create feature -- Access header: STRING_8 -- Message Header which will be returned to the -- the browser. is_complete_header: BOOLEAN -- Is Current header a complete header ? is_sent: BOOLEAN -- Is current header sent to the browser ?

42 Introduction to CGI and EiffelWeb 42 Class CGI_RESPONSE_HEADER: settings feature -- Advanced Settings set_cookie (key, value, expiration, path, domain, secure: STRING_8) -- Set a cookie on the client's machine -- with key 'key' and value 'value'. set_expiration (a_date: STRING_8) -- Set the expiration date before which the page needs -- to be refreshed set_pragma (a_pragma: STRING_8) -- Set the pragma which indicates whether -- the page accepts to be cached -- or not. An example of pragma is "no-cache"

43 Introduction to CGI and EiffelWeb 43 Class CGI_RESPONSE_HEADER: features feature -- Basic Operations generate_http_redirection (an_url: STRING_8; is_secure: BOOLEAN) -- Generate CGI secure re-direction, via 'https' protocol if -- secure, via http if not. generate_text_header -- Generate header for a future text (generally HTML) -- you are going to send. reinitialize_header -- Re-initialize header. -- May be called if the header built sor far -- has to be re-build from scratch.

44 Introduction to CGI and EiffelWeb 44 CGI_RESPONSE_HEADER: other features return_status (a_status: INTEGER_32; a_message: STRING_8) -- Set the status of the user request. -- A complete list of stata may be found at : --http://www.w3.org/hypertext/WWW/protocols/HTTP/HTRESP.html -- See also CGI_COMMON_STATUS_TYPES send_to_browser -- Send the header to browser. -- This operation has to be performed before -- you send anything else to the browser. end -- class CGI_RESPONSE_HEADER

45 Introduction to CGI and EiffelWeb 45 End exercise session week 2

Download ppt "Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Exercise session week 2 Introduction to CGI and EiffelWeb."

Similar presentations

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.

Cookies, Sessions. Server Side Includes You can insert the content of one file into another file before the server executes it, with the require() function.
CGI & HTML forms -05-. CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.

CGI & HTML forms CGI Common Gateway Interface  A web server is only a pipe between user-agents  and content – it does not generate content.
Browsers and Servers CGI Processing Model ( Common Gateway Interface ) © Norman White, 2013.

Browsers and Servers CGI Processing Model ( Common Gateway Interface ) © Norman White, 2013.
Server-Side vs. Client-Side Scripting Languages

Server-Side vs. Client-Side Scripting Languages
How does the server format the information it gives to the appln program? As environment variables and in standard input.

How does the server format the information it gives to the appln program? As environment variables and in standard input.
Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?

Web Servers How do our requests for resources on the Internet get handled? Can they be located anywhere? Global?
CS 898N – Advanced World Wide Web Technologies Lecture 6: PERL and CGI Chin-Chih Chang

CS 898N – Advanced World Wide Web Technologies Lecture 6: PERL and CGI Chin-Chih Chang
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules.

Outcomes Know what are CGI Environment Variables Know how to use environment variables How to process A simple Query Form Able to use URL Encoding rules.
Hypertext Transport Protocol CS - 328 Dick Steflik.

Hypertext Transport Protocol CS Dick Steflik.
CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.

CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.
Web Client/Server Communication A290/A590, Fall 2014 09/09/2014.

Web Client/Server Communication A290/A590, Fall /09/2014.
CGI Programming Languages Web Based Software Development July 21, 2005 Song, JaeHa.

CGI Programming Languages Web Based Software Development July 21, 2005 Song, JaeHa.
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
Common Gateway Interface

Common Gateway Interface
CGI Common Gateway Interface. CGI is the scheme to interface other programs to the Web Server.

CGI Common Gateway Interface. CGI is the scheme to interface other programs to the Web Server.
INTRODUCTION TO WEB DATABASE PROGRAMMING

INTRODUCTION TO WEB DATABASE PROGRAMMING
 2000 Deitel & Associates, Inc. All rights reserved. Chapter 24 – Web Servers (PWS, IIS, Apache, Jigsaw) Outline 24.1Introduction 24.2Microsoft Personal.

 2000 Deitel & Associates, Inc. All rights reserved. Chapter 24 – Web Servers (PWS, IIS, Apache, Jigsaw) Outline 24.1Introduction 24.2Microsoft Personal.
M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,

M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,

Similar presentations

Ads by Google