- Input data sent from the browser to the server shows up as a stream of bytes in the
stdin input stream, along with shell environment variables. - Output is sent back from the server to the client by simply printing properly for-
matted HTML to the stdout output stream.
The most complex parts of this scheme include parsing all the input information sent
up from the browser and formatting information in the reply sent back. Happily, Py-
thon’s standard library largely automates both tasks:
Input
With the Python cgi module, input typed into a web browser form or appended
to a URL string shows up as values in a dictionary-like object in Python CGI scripts.
Python parses the data itself and gives us an object with one key : value pair per
input sent by the browser that is fully independent of transmission style (roughly,
by fill-in form or by direct URL).
Output
The cgi module also has tools for automatically escaping strings so that they are
legal to use in HTML (e.g., replacing embedded <, >, and & characters with HTML
escape codes). Module urllib.parse provides additional tools for formatting text
inserted into generated URL strings (e.g., adding %XX and + escapes).
We’ll study both of these interfaces in detail later in this chapter. For now, keep in mind
that although any language can be used to write CGI scripts, Python’s standard modules
and language attributes make it a snap.
Perhaps less happily, CGI scripts are also intimately tied to the syntax of HTML, since
they must generate it to create a reply page. In fact, it can be said that Python CGI
scripts embed HTML, which is an entirely distinct language in its own right.* As we’ll
also see, the fact that CGI scripts create a user interface by printing HTML syntax means
that we have to take special care with the text we insert into a web page’s code (e.g.,
escaping HTML operators). Worse, CGI scripts require at least a cursory knowledge
of HTML forms, since that is where the inputs and target script’s address are typically
specified.
This book won’t teach HTML in depth; if you find yourself puzzled by some of the
arcane syntax of the HTML generated by scripts here, you should glance at an HTML
introduction, such as HTML & XHTML: The Definitive Guide. Also keep in mind that
higher-level tools and frameworks can sometimes hide the details of HTML generation
from Python programmers, albeit at the cost of any new complexity inherent in the
- Interestingly, in Chapter 12 we briefly introduced other systems that take the opposite route—embedding
Python code or calls in HTML. The server-side templating languages in Zope, PSP, and other web frameworks
use this model, running the embedded Python code to produce part of a reply page. Because Python is
embedded, these systems must run special servers to evaluate the embedded tags. Because Python CGI scripts
embed HTML in Python instead, they can be run as standalone programs directly, though they must be
launched by a CGI-capable web server.
What’s a Server-Side CGI Script? | 1129