November 14th, 2002, 04:03 AM
easy way to get in
i'm really confused by /cgi-bin 'common gateway interface' ... what is in that directory ... pearl scripts/python scripts/java/java sctipts ... just some of those or all of those ... and if all how can html recognize which one is which ... is there any way to tell what's inside remotely ... and if so how can i hide what is there ...i want to set up my own html server on cable but i'm afraid i don' really know enough about cgi to use it on my new site (which is by the way all ready to go) but i don't wanna create any dynamic content w/out enough knowledge... (as far as those who will want me to use java... i really don't like it at all and most of all i don't agree with their licenses so **** sun) help me and if you don't care at least give me relevant links
November 14th, 2002, 11:03 AM
I don't know much about how it all actually works, since web programming isn't my forte, but these sites *should* tell you all you need to know bout the PERL side.
I\'m drunk, and right now I\'m so in love with you.
November 14th, 2002, 11:41 AM
it's not the case of hidding them from others. A better view is if it's not needed don't include it. But what you are asking is a massive question, any cgi page you write could because of the way it has been writen, it could become a security risk.
Have a look at http://www.owasp.org they have a very good and complete document on how to secure a web application
Hope that helps
PS a little advice if you are going to post for information like this try google first
I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"
November 14th, 2002, 09:49 PM
The most common language used with cgi is perl (Pratical Extraction and Resource Language), but i think you can use any programming language,
as long as you have the right compiler on the server(don't quote me on that).
unless the server is really badly configured you shouldn't be able to see whats in the cgi-bin directory.
you call cgi scripts using a HTML eg;
\"I can resist everything, except temptation.\" - Oscar Wilde
November 15th, 2002, 12:22 AM
The way the HTML code recognizes what kind of file your trying to run is in the extension of the file. If your HTML link is
The extension of the file is pl, which is an extension for perl files.
And your concernments about setting up a web server..if your only going to have HTML files, you don't even need to worry about a /cgi-bin.
Hope I helped you out.
November 15th, 2002, 01:34 AM
Masive question is putting it lightly. In perl or in Nix what can and cannot be done also depends upon the directory permissions, like you can usea perl script to call a process from a directory where it is read and process only from within the perl script or program attempt to run any other program from there and it's killed because of permissions on the folder. A example is the common guestbook the input is placed in an HTML page the enter passes it to the cgi-bin folder process that complies the page and it's output placed back in the main html dir, so neither page actually resides in the cgi-bin only the process called by the pages. You may want to do a google search on DHTML, Perl Scripts and then there is also php now another way to serve active conrent
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg