One document matched: draft-coar-cgi-v11-03.ps
%!PS-Adobe-2.0
%%Creator: dvips(k) 5.86 Copyright 1999 Radical Eye Software
%%Title: draft-coar-cgi-v11-03.dvi
%%Pages: 30
%%PageOrder: Ascend
%%BoundingBox: 0 0 596 842
%%DocumentFonts: Times-Roman Times-Bold Courier Times-Italic
%%EndComments
%DVIPSWebPage: (www.radicaleye.com)
%DVIPSCommandLine: dvips -o draft-coar-cgi-v11-03.ps
%+ draft-coar-cgi-v11-03.dvi
%DVIPSParameters: dpi=600, compressed
%DVIPSSource: TeX output 2003.04.16:1538
%%BeginProcSet: texc.pro
%!
/TeXDict 300 dict def TeXDict begin/N{def}def/B{bind def}N/S{exch}N/X{S
N}B/A{dup}B/TR{translate}N/isls false N/vsize 11 72 mul N/hsize 8.5 72
mul N/landplus90{false}def/@rigin{isls{[0 landplus90{1 -1}{-1 1}ifelse 0
0 0]concat}if 72 Resolution div 72 VResolution div neg scale isls{
landplus90{VResolution 72 div vsize mul 0 exch}{Resolution -72 div hsize
mul 0}ifelse TR}if Resolution VResolution vsize -72 div 1 add mul TR[
matrix currentmatrix{A A round sub abs 0.00001 lt{round}if}forall round
exch round exch]setmatrix}N/@landscape{/isls true N}B/@manualfeed{
statusdict/manualfeed true put}B/@copies{/#copies X}B/FMat[1 0 0 -1 0 0]
N/FBB[0 0 0 0]N/nn 0 N/IEn 0 N/ctr 0 N/df-tail{/nn 8 dict N nn begin
/FontType 3 N/FontMatrix fntrx N/FontBBox FBB N string/base X array
/BitMaps X/BuildChar{CharBuilder}N/Encoding IEn N end A{/foo setfont}2
array copy cvx N load 0 nn put/ctr 0 N[}B/sf 0 N/df{/sf 1 N/fntrx FMat N
df-tail}B/dfs{div/sf X/fntrx[sf 0 0 sf neg 0 0]N df-tail}B/E{pop nn A
definefont setfont}B/Cw{Cd A length 5 sub get}B/Ch{Cd A length 4 sub get
}B/Cx{128 Cd A length 3 sub get sub}B/Cy{Cd A length 2 sub get 127 sub}
B/Cdx{Cd A length 1 sub get}B/Ci{Cd A type/stringtype ne{ctr get/ctr ctr
1 add N}if}B/id 0 N/rw 0 N/rc 0 N/gp 0 N/cp 0 N/G 0 N/CharBuilder{save 3
1 roll S A/base get 2 index get S/BitMaps get S get/Cd X pop/ctr 0 N Cdx
0 Cx Cy Ch sub Cx Cw add Cy setcachedevice Cw Ch true[1 0 0 -1 -.1 Cx
sub Cy .1 sub]/id Ci N/rw Cw 7 add 8 idiv string N/rc 0 N/gp 0 N/cp 0 N{
rc 0 ne{rc 1 sub/rc X rw}{G}ifelse}imagemask restore}B/G{{id gp get/gp
gp 1 add N A 18 mod S 18 idiv pl S get exec}loop}B/adv{cp add/cp X}B
/chg{rw cp id gp 4 index getinterval putinterval A gp add/gp X adv}B/nd{
/cp 0 N rw exit}B/lsh{rw cp 2 copy get A 0 eq{pop 1}{A 255 eq{pop 254}{
A A add 255 and S 1 and or}ifelse}ifelse put 1 adv}B/rsh{rw cp 2 copy
get A 0 eq{pop 128}{A 255 eq{pop 127}{A 2 idiv S 128 and or}ifelse}
ifelse put 1 adv}B/clr{rw cp 2 index string putinterval adv}B/set{rw cp
fillstr 0 4 index getinterval putinterval adv}B/fillstr 18 string 0 1 17
{2 copy 255 put pop}for N/pl[{adv 1 chg}{adv 1 chg nd}{1 add chg}{1 add
chg nd}{adv lsh}{adv lsh nd}{adv rsh}{adv rsh nd}{1 add adv}{/rc X nd}{
1 add set}{1 add clr}{adv 2 chg}{adv 2 chg nd}{pop nd}]A{bind pop}
forall N/D{/cc X A type/stringtype ne{]}if nn/base get cc ctr put nn
/BitMaps get S ctr S sf 1 ne{A A length 1 sub A 2 index S get sf div put
}if put/ctr ctr 1 add N}B/I{cc 1 add D}B/bop{userdict/bop-hook known{
bop-hook}if/SI save N @rigin 0 0 moveto/V matrix currentmatrix A 1 get A
mul exch 0 get A mul add .99 lt{/QV}{/RV}ifelse load def pop pop}N/eop{
SI restore userdict/eop-hook known{eop-hook}if showpage}N/@start{
userdict/start-hook known{start-hook}if pop/VResolution X/Resolution X
1000 div/DVImag X/IEn 256 array N 2 string 0 1 255{IEn S A 360 add 36 4
index cvrs cvn put}for pop 65781.76 div/vsize X 65781.76 div/hsize X}N
/p{show}N/RMat[1 0 0 -1 0 0]N/BDot 260 string N/Rx 0 N/Ry 0 N/V{}B/RV/v{
/Ry X/Rx X V}B statusdict begin/product where{pop false[(Display)(NeXT)
(LaserWriter 16/600)]{A length product length le{A length product exch 0
exch getinterval eq{pop true exit}if}{pop}ifelse}forall}{false}ifelse
end{{gsave TR -.1 .1 TR 1 1 scale Rx Ry false RMat{BDot}imagemask
grestore}}{{gsave TR -.1 .1 TR Rx Ry scale 1 1 false RMat{BDot}
imagemask grestore}}ifelse B/QV{gsave newpath transform round exch round
exch itransform moveto Rx 0 rlineto 0 Ry neg rlineto Rx neg 0 rlineto
fill grestore}B/a{moveto}B/delta 0 N/tail{A/delta X 0 rmoveto}B/M{S p
delta add tail}B/b{S p tail}B/c{-4 M}B/d{-3 M}B/e{-2 M}B/f{-1 M}B/g{0 M}
B/h{1 M}B/i{2 M}B/j{3 M}B/k{4 M}B/w{0 rmoveto}B/l{p -4 w}B/m{p -3 w}B/n{
p -2 w}B/o{p -1 w}B/q{p 1 w}B/r{p 2 w}B/s{p 3 w}B/t{p 4 w}B/x{0 S
rmoveto}B/y{3 2 roll p a}B/bos{/SS save N}B/eos{SS restore}B end
%%EndProcSet
%%BeginProcSet: 8r.enc
% @@psencodingfile@{
% author = "S. Rahtz, P. MacKay, Alan Jeffrey, B. Horn, K. Berry",
% version = "0.6",
% date = "22 June 1996",
% filename = "8r.enc",
% email = "kb@@mail.tug.org",
% address = "135 Center Hill Rd. // Plymouth, MA 02360",
% codetable = "ISO/ASCII",
% checksum = "119 662 4424",
% docstring = "Encoding for TrueType or Type 1 fonts to be used with TeX."
% @}
%
% Idea is to have all the characters normally included in Type 1 fonts
% available for typesetting. This is effectively the characters in Adobe
% Standard Encoding + ISO Latin 1 + extra characters from Lucida.
%
% Character code assignments were made as follows:
%
% (1) the Windows ANSI characters are almost all in their Windows ANSI
% positions, because some Windows users cannot easily reencode the
% fonts, and it makes no difference on other systems. The only Windows
% ANSI characters not available are those that make no sense for
% typesetting -- rubout (127 decimal), nobreakspace (160), softhyphen
% (173). quotesingle and grave are moved just because it's such an
% irritation not having them in TeX positions.
%
% (2) Remaining characters are assigned arbitrarily to the lower part
% of the range, avoiding 0, 10 and 13 in case we meet dumb software.
%
% (3) Y&Y Lucida Bright includes some extra text characters; in the
% hopes that other PostScript fonts, perhaps created for public
% consumption, will include them, they are included starting at 0x12.
%
% (4) Remaining positions left undefined are for use in (hopefully)
% upward-compatible revisions, if someday more characters are generally
% available.
%
% (5) hyphen appears twice for compatibility with both ASCII and Windows.
%
/TeXBase1Encoding [
% 0x00 (encoded characters from Adobe Standard not in Windows 3.1)
/.notdef /dotaccent /fi /fl
/fraction /hungarumlaut /Lslash /lslash
/ogonek /ring /.notdef
/breve /minus /.notdef
% These are the only two remaining unencoded characters, so may as
% well include them.
/Zcaron /zcaron
% 0x10
/caron /dotlessi
% (unusual TeX characters available in, e.g., Lucida Bright)
/dotlessj /ff /ffi /ffl
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
% very contentious; it's so painful not having quoteleft and quoteright
% at 96 and 145 that we move the things normally found there down to here.
/grave /quotesingle
% 0x20 (ASCII begins)
/space /exclam /quotedbl /numbersign
/dollar /percent /ampersand /quoteright
/parenleft /parenright /asterisk /plus /comma /hyphen /period /slash
% 0x30
/zero /one /two /three /four /five /six /seven
/eight /nine /colon /semicolon /less /equal /greater /question
% 0x40
/at /A /B /C /D /E /F /G /H /I /J /K /L /M /N /O
% 0x50
/P /Q /R /S /T /U /V /W
/X /Y /Z /bracketleft /backslash /bracketright /asciicircum /underscore
% 0x60
/quoteleft /a /b /c /d /e /f /g /h /i /j /k /l /m /n /o
% 0x70
/p /q /r /s /t /u /v /w
/x /y /z /braceleft /bar /braceright /asciitilde
/.notdef % rubout; ASCII ends
% 0x80
/.notdef /.notdef /quotesinglbase /florin
/quotedblbase /ellipsis /dagger /daggerdbl
/circumflex /perthousand /Scaron /guilsinglleft
/OE /.notdef /.notdef /.notdef
% 0x90
/.notdef /.notdef /.notdef /quotedblleft
/quotedblright /bullet /endash /emdash
/tilde /trademark /scaron /guilsinglright
/oe /.notdef /.notdef /Ydieresis
% 0xA0
/.notdef % nobreakspace
/exclamdown /cent /sterling
/currency /yen /brokenbar /section
/dieresis /copyright /ordfeminine /guillemotleft
/logicalnot
/hyphen % Y&Y (also at 45); Windows' softhyphen
/registered
/macron
% 0xD0
/degree /plusminus /twosuperior /threesuperior
/acute /mu /paragraph /periodcentered
/cedilla /onesuperior /ordmasculine /guillemotright
/onequarter /onehalf /threequarters /questiondown
% 0xC0
/Agrave /Aacute /Acircumflex /Atilde /Adieresis /Aring /AE /Ccedilla
/Egrave /Eacute /Ecircumflex /Edieresis
/Igrave /Iacute /Icircumflex /Idieresis
% 0xD0
/Eth /Ntilde /Ograve /Oacute
/Ocircumflex /Otilde /Odieresis /multiply
/Oslash /Ugrave /Uacute /Ucircumflex
/Udieresis /Yacute /Thorn /germandbls
% 0xE0
/agrave /aacute /acircumflex /atilde
/adieresis /aring /ae /ccedilla
/egrave /eacute /ecircumflex /edieresis
/igrave /iacute /icircumflex /idieresis
% 0xF0
/eth /ntilde /ograve /oacute
/ocircumflex /otilde /odieresis /divide
/oslash /ugrave /uacute /ucircumflex
/udieresis /yacute /thorn /ydieresis
] def
%%EndProcSet
%%BeginProcSet: texps.pro
%!
TeXDict begin/rf{findfont dup length 1 add dict begin{1 index/FID ne 2
index/UniqueID ne and{def}{pop pop}ifelse}forall[1 index 0 6 -1 roll
exec 0 exch 5 -1 roll VResolution Resolution div mul neg 0 0]/Metrics
exch def dict begin Encoding{exch dup type/integertype ne{pop pop 1 sub
dup 0 le{pop}{[}ifelse}{FontMatrix 0 get div Metrics 0 get div def}
ifelse}forall Metrics/Metrics currentdict end def[2 index currentdict
end definefont 3 -1 roll makefont/setfont cvx]cvx def}def/ObliqueSlant{
dup sin S cos div neg}B/SlantFont{4 index mul add}def/ExtendFont{3 -1
roll mul exch}def/ReEncodeFont{CharStrings rcheck{/Encoding false def
dup[exch{dup CharStrings exch known not{pop/.notdef/Encoding true def}
if}forall Encoding{]exch pop}{cleartomark}ifelse}if/Encoding exch def}
def end
%%EndProcSet
TeXDict begin 39158280 55380996 1000 600 600 (draft-coar-cgi-v11-03.dvi)
@start /Fa 134[37 2[37 1[23 32 32 1[42 42 42 60 23 2[23
3[37 42 37 42 42 51[28 42[42 2[{TeXBase1Encoding ReEncodeFont}18
83.022 /Times-Italic rf /Fb 134[50 50 72 50 55 33 39
44 55 55 50 55 83 28 2[28 55 50 33 44 55 44 55 50 8[72
1[72 72 66 55 72 1[61 78 72 94 66 2[39 78 1[61 66 72
72 66 72 7[50 50 50 50 50 50 50 50 50 1[28 25 33 42[55
2[{TeXBase1Encoding ReEncodeFont}55 99.6264 /Times-Bold
rf /Fc 134[42 42 60 42 46 28 32 37 46 46 42 46 69 23
46 1[23 46 42 28 37 46 37 46 42 1[42 5[60 1[83 60 60
55 46 60 65 51 65 60 78 55 2[32 65 65 51 55 60 60 1[60
7[42 42 42 42 42 42 42 42 42 42 1[21 28 5[28 36[46 2[{
TeXBase1Encoding ReEncodeFont}60 83.022 /Times-Bold rf
/Fd 103[50 15[50 10[50 50 50 50 50 50 50 50 50 50 50
50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50
50 50 1[50 50 50 50 50 50 50 50 50 50 50 50 50 50 50
50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50
50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50 50
50 50 50 50 50 50 50 50 50 50 33[{TeXBase1Encoding ReEncodeFont}94
83.022 /Courier rf /Fe 134[60 1[86 60 66 40 47 53 66
66 60 66 100 33 66 1[33 66 60 40 53 66 53 66 60 10[86
1[80 66 86 1[73 1[86 113 3[47 93 93 3[86 1[86 7[60 60
60 60 60 60 60 60 60 60 1[30 4[40 40 40 36[66 2[{
TeXBase1Encoding ReEncodeFont}50 119.552 /Times-Bold
rf /Ff 105[42 25[17 1[37 42 42 60 42 42 23 32 28 42 42
42 42 65 23 42 23 23 42 42 28 37 42 37 42 37 28 42 1[28
1[28 51 60 60 78 60 60 51 46 55 60 46 60 60 74 51 60
32 28 60 60 46 51 60 55 55 60 76 37 47 47 47 23 23 42
42 42 42 42 42 42 42 42 42 23 21 28 21 47 42 28 28 28
65 69 2[34 30[46 46 2[{TeXBase1Encoding ReEncodeFont}89
83.022 /Times-Roman rf end
%%EndProlog
%%BeginSetup
%%Feature: *Resolution 600dpi
TeXDict begin
%%PaperSize: A4
%%EndSetup
%%Page: 1 1
1 0 bop 0 523 a Ff(INTERNET)-8 b(-DRAFT)2517 b(Da)n(vid)20
b(Robinson)0 623 y(draft-coar)n(-cgi-v11-03.)o(ps)1967
b(Apache)19 b(Softw)o(are)h(F)o(oundation)0 722 y(Expires)f(15)h
(October)f(2003)2431 b(K)n(en)20 b(A.L.)g(Coar)3177 822
y(IBM)h(Corporation)3290 922 y(16)f(April)g(2003)574
1200 y Fe(The)30 b(Common)g(Gateway)f(Interface)h(\(CGI\))f(V)-12
b(ersion)30 b(1.1)0 1555 y(Status)g(of)f(this)h(Memo)0
1815 y Ff(This)20 b(document)f(is)i(an)f(Internet-Draft)e(and)h(is)i
(in)g(full)f(conformance)d(with)j(all)h(pro)o(visions)d(of)i(Section)g
(10)g(of)g(RFC2026.)0 1989 y(Internet-Drafts)h(are)i(w)o(orking)e
(documents)g(of)i(the)g(Internet)f(Engineering)e(T)-7
b(ask)23 b(F)o(orce)g(\(IETF\),)e(its)j(areas,)g(and)e(its)i(w)o
(orking)0 2089 y(groups.)f(Note)e(that)f(other)f(groups)g(may)h(also)g
(distrib)n(ute)g(w)o(orking)f(documents)f(as)j(Internet-Drafts.)0
2263 y(Internet-Drafts)14 b(are)i(draft)g(documents)e(v)n(alid)i(for)f
(a)i(maximum)d(of)i(six)h(months)e(and)h(may)f(be)h(updated,)f
(replaced,)h(or)g(obsoleted)0 2363 y(by)g(other)g(documents)g(at)h(an)o
(y)f(time.)24 b(It)17 b(is)h(inappropriate)c(to)j(use)g
(Internet-Drafts)e(as)i(reference)f(material)g(or)h(to)g(cite)g(them)f
(other)0 2463 y(than)k(as)h(`w)o(ork)e(in)h(progress'.)0
2637 y(The)26 b(list)h(of)f(current)f(Internet-Drafts)f(can)i(be)g
(accessed)h(at)f Fd(http://www.ietf.org/ietf/1id-abstract)o(s.)0
2737 y(txt)p Ff(.)0 2911 y(The)20 b(list)h(of)f(Internet-Draft)e(Shado)
n(w)h(Directories)h(can)g(be)g(accessed)g(at)h Fd
(http://www.ietf.org/shadow.html)p Ff(.)0 3085 y(Distrib)n(ution)e(of)g
(this)h(document)e(is)j(unlimited.)i(Please)e(send)e(comments)g(to)g
(the)h(authors,)f(or)g(via)h(the)f(CGI-WG)h(mailing)f(list;)0
3185 y(see)i(the)f(project)f(W)-7 b(eb)21 b(page)f(at)g
Fd(<http://cgi-spec.golux.com>)p Ff(.)0 3540 y Fe(Abstract)0
3800 y Ff(The)g(Common)f(Gate)n(w)o(ay)h(Interf)o(ace)f(\(CGI\))i(is)g
(a)g(simple)f(interf)o(ace)g(for)g(running)e(e)o(xternal)h(programs,)f
(softw)o(are)i(or)g(gate)n(w)o(ays)0 3900 y(under)i(an)h(information)d
(serv)o(er)j(in)g(a)g(platform-independent)c(manner)-5
b(.)32 b(Currently)-5 b(,)22 b(the)h(supported)e(information)g(serv)o
(ers)i(are)0 3999 y(HTTP)d(serv)o(ers.)0 4174 y(The)f(interf)o(ace)f
(has)h(been)f(in)h(use)g(by)f(the)h(W)-7 b(orld-W)m(ide)18
b(W)-7 b(eb)20 b(since)f(1993.)k(This)c(speci\002cation)f(de\002nes)h
(the)f(`current)g(practice')0 4273 y(parameters)g(of)i(the)f(`CGI/1.1')
f(interf)o(ace)h(de)n(v)o(eloped)e(and)i(documented)e(at)j(the)f(U.S.)h
(National)f(Centre)g(for)g(Supercomputing)0 4373 y(Applications.)k
(This)18 b(document)e(also)i(de\002nes)g(the)f(use)i(of)e(the)h
(CGI/1.1)f(interf)o(ace)g(on)h(UNIX\(R\))f(and)g(other)m(,)g(similar)h
(systems.)0 5255 y(Robinson)h(&)h(Coar)1030 b(Expires)19
b(15)h(October)f(2003)1028 b([P)o(age)20 b(1])p eop
%%Page: 2 2
2 1 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fe(Contents)0 709 y Fc(1)83 b(Intr)o(oduction)
3137 b(4)125 808 y Ff(1.1)85 b(Purpose)59 b(.)42 b(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)123 b(4)125 908 y(1.2)85 b(Requirements)52
b(.)41 b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123 b(4)125
1007 y(1.3)85 b(Speci\002cations)48 b(.)41 b(.)h(.)f(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)123 b(4)125 1107 y(1.4)85 b(T)-6 b(erminology)22
b(.)41 b(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123 b(5)0
1290 y Fc(2)83 b(Notational)18 b(Con)m(v)o(entions)h(and)i(Generic)f
(Grammar)1918 b(5)125 1389 y Ff(2.1)85 b(Augmented)19
b(BNF)70 b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123 b(5)125
1489 y(2.2)85 b(Basic)22 b(Rules)58 b(.)41 b(.)g(.)h(.)f(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)123 b(6)125 1589 y(2.3)85 b(URL)21 b(Encoding)69
b(.)42 b(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123 b(6)0 1771
y Fc(3)83 b(In)m(v)o(oking)20 b(the)g(Script)2906 b(7)125
1871 y Ff(3.1)85 b(Serv)o(er)20 b(Responsibilities)59
b(.)41 b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)123 b(7)125 1971 y(3.2)85 b(Script)21
b(Selection)47 b(.)42 b(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123
b(8)125 2070 y(3.3)85 b(The)20 b(Script-URI)57 b(.)42
b(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123 b(8)125 2170 y(3.4)85
b(Ex)o(ecution)53 b(.)41 b(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)123
b(9)0 2352 y Fc(4)83 b(The)21 b(CGI)f(Request)2967 b(9)125
2452 y Ff(4.1)85 b(Request)21 b(Meta-V)-9 b(ariables)29
b(.)41 b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)123 b(9)315 2552 y(4.1.1)98 b(A)-5
b(UTH_TYPE)22 b(.)42 b(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(10)315 2651
y(4.1.2)98 b(CONTENT_LENGTH)47 b(.)41 b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(10)315 2751
y(4.1.3)98 b(CONTENT_TYPE)47 b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(11)315
2851 y(4.1.4)98 b(GA)-9 b(TEW)f(A)h(Y_INTERF)j(A)m(CE)52
b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(11)315 2950 y(4.1.5)98 b(P)-8 b(A)f(TH_INFO)62 b(.)42
b(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)82 b(12)315 3050 y(4.1.6)98 b(P)-8
b(A)f(TH_TRANSLA)g(TED)32 b(.)41 b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(12)315 3149 y(4.1.7)98
b(Q)o(UER)-5 b(Y_STRING)63 b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(13)315 3249
y(4.1.8)98 b(REMO)m(TE_ADDR)69 b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(13)315
3349 y(4.1.9)98 b(REMO)m(TE_HOST)25 b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(14)315 3448 y(4.1.10)56 b(REMO)m(TE_IDENT)e(.)41 b(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(14)315 3548 y(4.1.11)56 b(REMO)m(TE_USER)30 b(.)41
b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)82 b(14)315 3648 y(4.1.12)56 b(REQ)o(UEST_METHOD)39
b(.)i(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)82 b(15)315 3747 y(4.1.13)56 b(SCRIPT_N)m(AME)i(.)41
b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)82 b(15)315 3847 y(4.1.14)56 b(SER)-7 b(VER_N)m(AME)28
b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)82 b(15)315 3946 y(4.1.15)56 b(SER)-7
b(VER_POR)i(T)63 b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(15)315 4046
y(4.1.16)56 b(SER)-7 b(VER_PR)m(O)m(T)o(OCOL)26 b(.)41
b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
82 b(16)315 4146 y(4.1.17)56 b(SER)-7 b(VER_SOFTW)d(ARE)82
b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)82 b(16)315 4245 y(4.1.18)56 b(Protocol-Speci\002c)18
b(Meta-V)-9 b(ariables)77 b(.)41 b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)82 b(16)125 4345 y(4.2)j(Request)21 b(Message-Body)38
b(.)j(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)82 b(17)125 4445 y(4.3)j(Request)21
b(Methods)59 b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(17)315
4544 y(4.3.1)98 b(GET)25 b(.)41 b(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)82 b(18)315 4644 y(4.3.2)98 b(POST)46 b(.)41 b(.)h(.)f(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)82 b(18)315 4743 y(4.3.3)98 b(HEAD)80
b(.)42 b(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(18)315 4843
y(4.3.4)98 b(Protocol-Speci\002c)18 b(Methods)45 b(.)c(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(18)125
4943 y(4.4)j(The)20 b(Script)g(Command)f(Line)62 b(.)41
b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)82 b(18)0 5255 y(Robinson)19 b(&)h(Coar)1030
b(Expires)19 b(15)h(October)f(2003)1028 b([P)o(age)20
b(2])p eop
%%Page: 3 3
3 2 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(5)83 b(NPH)20 b(Scripts)3103
b(19)125 623 y Ff(5.1)85 b(Indenti\002cation)28 b(.)41
b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(19)125 722 y(5.2)j(NPH)21
b(Response)71 b(.)42 b(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(19)0 905 y Fc(6)h(CGI)20 b(Response)3039 b(20)125 1005
y Ff(6.1)85 b(Response)20 b(Handling)52 b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
82 b(20)125 1104 y(6.2)j(Response)20 b(T)-7 b(ypes)41
b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(20)315 1204
y(6.2.1)98 b(Document)19 b(Response)61 b(.)42 b(.)f(.)g(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(20)315
1303 y(6.2.2)98 b(Local)20 b(Redirect)g(Response)41 b(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(21)315 1403 y(6.2.3)98 b(Client)21 b(Redirect)f(Response)27
b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)82 b(21)315 1503 y(6.2.4)98 b(Client)21 b(Redirect)f(Response)g
(with)g(Document)51 b(.)42 b(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(21)125 1602 y(6.3)j(Response)20 b(Header)g(Fields)k(.)41
b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)82 b(21)315 1702 y(6.3.1)98 b(Content-T)-7
b(ype)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(22)315 1802 y(6.3.2)98
b(Location)77 b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(22)315
1901 y(6.3.3)98 b(Status)46 b(.)41 b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
82 b(23)315 2001 y(6.3.4)98 b(Protocol-Speci\002c)18
b(Header)i(Fields)60 b(.)41 b(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)82 b(23)315 2100 y(6.3.5)98 b(Extension)19 b(Header)g(Fields)56
b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)82 b(24)125 2200 y(6.4)j(Response)20 b(Message)h(Body)57
b(.)41 b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)82 b(24)0 2383 y Fc(7)h(System)20
b(Speci\002cations)2789 b(24)125 2482 y Ff(7.1)85 b(AmigaDOS)60
b(.)41 b(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(24)125
2582 y(7.2)j(UNIX)58 b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)82 b(24)125 2682 y(7.3)j(EBCDIC/POSIX)73 b(.)41
b(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h
(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(25)0 2864 y Fc(8)h(Implementation)2980
b(25)125 2964 y Ff(8.1)85 b(Recommendations)18 b(for)i(Serv)o(ers)70
b(.)41 b(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)
g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h
(.)f(.)82 b(25)125 3064 y(8.2)j(Recommendations)18 b(for)i(Scripts)25
b(.)42 b(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)82 b(26)0 3246 y Fc(9)h(Security)19 b(Considerations)2697
b(26)125 3346 y Ff(9.1)85 b(Safe)21 b(Methods)54 b(.)41
b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(26)125 3445
y(9.2)j(HTTP)21 b(Headers)f(Containing)e(Sensiti)n(v)o(e)i(Information)
65 b(.)42 b(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(26)125 3545
y(9.3)j(Data)21 b(Pri)n(v)n(ac)o(y)k(.)41 b(.)g(.)h(.)f(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)
f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g
(.)h(.)f(.)82 b(27)125 3645 y(9.4)j(TLS)21 b(Connection)d(Endpoint)72
b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g
(.)g(.)h(.)f(.)82 b(27)125 3744 y(9.5)j(Serv)o(er/Script)19
b(Authentication)59 b(.)42 b(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(27)125 3844 y(9.6)j(Script)21
b(Interference)c(with)k(the)f(Serv)o(er)51 b(.)41 b(.)h(.)f(.)g(.)g(.)h
(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(27)125 3944
y(9.7)j(Data)21 b(Length)e(and)h(Buf)n(fering)e(Considerations)33
b(.)41 b(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82
b(27)125 4043 y(9.8)j(Stateless)22 b(Processing)29 b(.)41
b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)h(.)f
(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)
h(.)f(.)g(.)g(.)h(.)f(.)82 b(28)125 4143 y(9.9)j(Non-parsed)19
b(Header)g(Output)50 b(.)41 b(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f
(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)g(.)g(.)
h(.)f(.)g(.)h(.)f(.)g(.)g(.)h(.)f(.)82 b(28)0 4325 y
Fc(10)41 b(Ackno)o(wledgements)2861 b(28)0 4508 y(11)41
b(Refer)o(ences)3161 b(29)0 4691 y(12)41 b(A)l(uthors')19
b(Addr)o(esses)2856 b(30)0 5255 y Ff(Robinson)19 b(&)h(Coar)1030
b(Expires)19 b(15)h(October)f(2003)1028 b([P)o(age)20
b(3])p eop
%%Page: 4 4
4 3 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fe(1)119 b(Intr)n(oduction)0 800
y Fb(1.1)99 b(Pur)o(pose)0 1030 y Ff(The)17 b(Common)f(Gate)n(w)o(ay)h
(Interf)o(ace)g(\(CGI\))g([21])f(allo)n(ws)i(an)g(HTTP)f([2],)g([8])g
(serv)o(er)g(and)g(a)h(CGI)g(script)f(to)h(share)f(responsiblity)0
1130 y(for)j(servicing)g(client)h(requests)f(by)g(sending)g(back)g
(responses.)26 b(The)21 b(client)f(request)h(comprises)f(a)h(Uni)n(v)o
(ersal)f(Resource)g(Iden-)0 1230 y(ti\002er)26 b(\(URI\))f([1],)g(a)h
(request)e(method)g(and)h(v)n(arious)f(ancillary)g(information)f(about)
h(the)i(request)e(pro)o(vided)f(by)i(the)g(transport)0
1329 y(mechanism.)0 1504 y(The)d(CGI)h(de\002nes)f(the)g(abstract)g
(parameters,)f(kno)n(wn)g(as)i(meta-v)n(ariables,)e(which)g(describe)h
(the)g(client')-5 b(s)23 b(request.)30 b(T)-7 b(ogether)0
1603 y(with)25 b(a)g(concrete)f(programmer)d(interf)o(ace)j(this)i
(speci\002es)f(a)g(platform-independent)20 b(interf)o(ace)k(between)g
(the)h(script)f(and)h(the)0 1703 y(HTTP)20 b(serv)o(er)-5
b(.)0 1877 y(The)32 b(serv)o(er)f(is)i(responsible)e(for)h(managing)e
(connection,)i(data)h(transfer)m(,)g(transport)e(and)h(netw)o(ork)f
(issues)i(related)e(to)i(the)0 1977 y(request,)19 b(whilst)i(the)f(CGI)
h(script)f(is)h(handles)f(the)g(application)f(issues,)h(such)g(as)h
(data)f(access)h(and)f(document)e(processing.)0 2289
y Fb(1.2)99 b(Requir)n(ements)0 2520 y Ff(The)15 b(k)o(e)o(y)g(w)o
(ords)g(`MUST',)g(`MUST)g(NO)m(T',)g(`REQ)o(UIRED',)g(`SHALL)-8
b(',)14 b(`SHALL)i(NO)m(T',)e(`SHOULD',)h(`SHOULD)g(NO)m(T',)0
2619 y(`RECOMMENDED',)20 b(`MA)-9 b(Y')20 b(and)g(`OPTION)m(AL)-8
b(')20 b(in)h(this)g(document)e(are)i(to)g(be)f(interpreted)f(as)j
(described)d(in)i(RFC)h(2119)0 2719 y([5].)0 2893 y(An)d
(implementation)d(is)k(not)e(compliant)g(if)h(it)g(f)o(ails)g(to)g
(satisfy)g(one)g(or)f(more)g(of)g(the)h(`must')f(requirements)f(for)h
(the)h(protocols)e(it)0 2993 y(implements.)24 b(An)19
b(implementation)e(that)j(satis\002es)h(all)f(of)f(the)g(`must')g(and)g
(all)h(of)f(the)h(`should')e(requirements)f(for)i(its)h(features)0
3092 y(is)e(said)g(to)f(be)g(`unconditionally)d(compliant';)j(one)g
(that)g(satis\002es)i(all)f(of)f(the)g(`must')g(requirements)e(b)n(ut)i
(not)g(all)h(of)f(the)g(`should')0 3192 y(requirements)h(for)i(its)h
(features)e(is)j(said)e(to)g(be)h(`conditionally)c(compliant'.)0
3504 y Fb(1.3)99 b(Speci\002cations)0 3735 y Ff(Not)23
b(all)h(of)f(the)g(functions)f(and)h(features)f(of)h(the)g(CGI)h(are)f
(de\002ned)f(in)i(the)f(main)g(part)g(of)f(this)i(speci\002cation.)33
b(The)23 b(follo)n(wing)0 3834 y(phrases)d(are)g(used)g(to)g(describe)g
(the)g(features)f(which)h(are)g(not)g(speci\002ed:)0
4075 y Fa(system)h(de\002ned)208 4175 y Ff(The)c(feature)h(may)f(dif)n
(fer)h(between)f(systems,)i(b)n(ut)f(must)g(be)g(the)h(same)f(for)g
(dif)n(ferent)e(implementations)g(using)i(the)g(same)208
4274 y(system.)26 b(A)21 b(system)f(will)h(usually)f(identify)g(a)h
(class)g(of)f(operating-systems.)k(Some)c(systems)h(are)f(de\002ned)g
(in)g(section)g(7)208 4374 y(of)f(this)i(document.)i(Ne)n(w)e(systems)f
(may)g(be)g(de\002ned)f(by)h(ne)n(w)g(speci\002cations)g(without)f(re)n
(vision)g(of)h(this)h(document.)0 4540 y Fa(implementation)d(de\002ned)
208 4640 y Ff(The)h(beha)n(viour)g(of)h(the)g(feature)f(may)h(v)n(ary)f
(from)g(implementation)f(to)j(implementation,)c(b)n(ut)k(a)f
(particular)f(implemen-)208 4739 y(tation)g(must)i(document)d(its)j
(beha)n(viour)-5 b(.)0 5255 y(Robinson)19 b(&)h(Coar)1030
b(Expires)19 b(15)h(October)f(2003)1028 b([P)o(age)20
b(4])p eop
%%Page: 5 5
5 4 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fb(1.4)99 b(T)-9 b(erminology)0
753 y Ff(This)25 b(speci\002cation)f(uses)i(man)o(y)e(terms)h
(de\002ned)f(in)h(the)g(HTTP/1.1)f(speci\002cation)h([8];)h(ho)n(we)n
(v)o(er)m(,)e(the)h(follo)n(wing)f(terms)h(are)0 853
y(used)18 b(here)f(in)h(a)h(sense)f(which)f(may)h(not)g(accord)e(with)i
(their)g(de\002nitions)f(in)h(that)h(document,)d(or)h(with)i(their)e
(common)f(meaning.)0 1083 y Fa(meta-variable)208 1182
y Ff(A)22 b(named)f(parameter)f(that)i(carries)g(information)e(from)h
(the)h(serv)o(er)f(to)h(the)g(script.)30 b(It)22 b(is)h(not)f
(necessarily)f(a)i(v)n(ariable)d(in)208 1282 y(the)g(operating-system')
-5 b(s)18 b(en)m(vironment,)f(although)h(that)i(is)h(the)g(most)f
(common)e(implementation.)0 1442 y Fa(script)208 1542
y Ff(The)26 b(softw)o(are)g(which)g(is)h(in)m(v)n(ok)o(ed)e(by)h(the)h
(serv)o(er)e(via)i(this)g(interf)o(ace.)43 b(It)26 b(need)g(not)g(be)h
(a)g(standalone)e(program,)h(b)n(ut)208 1641 y(could)g(be)h(a)h
(dynamically-loaded)23 b(or)28 b(shared)e(library)-5
b(,)28 b(or)f(e)n(v)o(en)f(a)i(subroutine)d(in)j(the)f(serv)o(er)-5
b(.)46 b(It)28 b(might)f(be)g(a)h(set)g(of)208 1741 y(statements)17
b(interpreted)f(at)j(run-time,)d(as)j(the)e(term)h(`script')f(is)i
(frequently)c(understood,)h(b)n(ut)i(that)f(is)i(not)f(a)g(requirement)
208 1841 y(and)h(within)h(the)g(conte)o(xt)f(of)h(this)h
(speci\002cation)e(the)i(term)e(has)i(the)f(broader)e(de\002nition)h
(stated.)0 2001 y Fa(server)208 2101 y Ff(The)g(application)g(program)f
(which)i(in)m(v)n(ok)o(es)f(the)h(script)g(in)h(order)e(to)h(service)g
(requests)g(from)f(the)h(cleint.)0 2453 y Fe(2)119 b(Notational)30
b(Con)-5 b(v)o(entions)31 b(and)f(Generic)h(Grammar)0
2730 y Fb(2.1)99 b(A)-5 b(ugmented)27 b(BNF)0 2960 y
Ff(All)h(of)f(the)h(mechanisms)f(speci\002ed)g(in)g(this)i(document)c
(are)j(described)e(in)h(both)g(prose)g(and)g(an)h(augmented)d
(Backus-Naur)0 3060 y(F)o(orm)19 b(\(BNF\))i(similar)f(to)h(that)f
(used)g(by)g(RFC)h(822)f([6].)k(This)c(augmented)e(BNF)k(contains)d
(the)h(follo)n(wing)f(constructs:)0 3290 y(name)h(=)g(de\002nition)208
3389 y(The)h(name)f(of)h(a)h(rule)f(and)g(its)h(de\002nition)e
(separated)h(by)f(the)i(equal)e(character)g(\("="\).)28
b(Whitespace)21 b(is)i(only)d(signi\002cant)208 3489
y(in)g(that)g(continuation)e(lines)j(of)f(a)g(de\002nition)f(are)h
(indented.)0 3649 y("literal")208 3749 y(Quotation)e(marks)h(\("\))g
(surround)e(literal)j(te)o(xt,)f(e)o(xcept)g(for)f(a)i(literal)g
(quotation)e(mark,)g(which)h(is)i(surrounded)16 b(by)k(angle-)208
3848 y(brack)o(ets)f(\("<")h(and)g(">"\).)k(Unless)d(stated)g
(otherwise,)e(the)h(te)o(xt)g(is)h(case-sensiti)n(v)o(e.)0
4009 y(rule1)e(|)i(rule2)208 4109 y(Alternati)n(v)o(e)e(rules)h(are)g
(separated)f(by)h(a)g(v)o(ertical)g(bar)g(\("|"\).)0
4269 y(\(rule1)f(rule2)g(rule3\))208 4369 y(Elements)g(enclosed)h(in)g
(parentheses)f(are)h(treated)g(as)h(a)f(single)g(element.)0
4529 y(*rule)208 4629 y(A)27 b(rule)f(preceded)e(by)i(an)h(asterisk)f
(\("*"\))g(may)g(ha)n(v)o(e)g(zero)g(or)g(more)g(occurrences.)41
b(A)27 b(rule)g(preceded)d(by)i(an)h(inte)o(ger)208 4728
y(follo)n(wed)18 b(by)i(an)g(asterisk)h(must)f(occur)f(at)i(least)g
(the)f(speci\002ed)g(number)e(of)i(times.)0 4889 y([rule])208
4988 y(A)g(element)g(enclosed)f(in)h(square)g(brack)o(ets)f(\("[")h
(and)g("]"\))g(is)h(optional.)0 5255 y(Robinson)e(&)h(Coar)1030
b(Expires)19 b(15)h(October)f(2003)1028 b([P)o(age)20
b(5])p eop
%%Page: 6 6
6 5 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fb(2.2)99 b(Basic)25 b(Rules)0
753 y Ff(The)20 b(follo)n(wing)e(rules)j(are)f(used)g(throughout)d
(this)j(speci\002cation)g(to)g(describe)g(basic)g(parsing)f
(constructs.)208 928 y Fd(alpha)480 b(=)83 b(lowalpha)48
b(|)i(hialpha)208 1027 y(lowalpha)330 b(=)83 b("a")49
b(|)h("b")f(|)h("c")f(|)h("d")f(|)h("e")f(|)g("f")h(|)f("g")h(|)f("h")g
(|)1071 1127 y("i")g(|)h("j")f(|)h("k")f(|)h("l")f(|)h("m")f(|)g("n")h
(|)f("o")h(|)f("p")g(|)1071 1227 y("q")g(|)h("r")f(|)h("s")f(|)h("t")f
(|)h("u")f(|)g("v")h(|)f("w")h(|)f("x")g(|)1071 1326
y("y")g(|)h("z")208 1426 y(hialpha)380 b(=)83 b("A")49
b(|)h("B")f(|)h("C")f(|)h("D")f(|)h("E")f(|)g("F")h(|)f("G")h(|)f("H")g
(|)1071 1526 y("I")g(|)h("J")f(|)h("K")f(|)h("L")f(|)h("M")f(|)g("N")h
(|)f("O")h(|)f("P")g(|)1071 1625 y("Q")g(|)h("R")f(|)h("S")f(|)h("T")f
(|)h("U")f(|)g("V")h(|)f("W")h(|)f("X")g(|)1071 1725
y("Y")g(|)h("Z")208 1824 y(digit)480 b(=)83 b("0")49
b(|)h("1")f(|)h("2")f(|)h("3")f(|)h("4")f(|)g("5")h(|)f("6")h(|)f("7")g
(|)1071 1924 y("8")g(|)h("9")208 2024 y(OCTET)480 b(=)83
b(<any)49 b(8-bit)g(byte>)208 2123 y(CHAR)530 b(=)83
b(alpha)49 b(|)g(digit)g(|)h(separator)e(|)i("!")f(|)h("#")f(|)h("$")f
(|)1071 2223 y("\045")g(|)h("&")f(|)h("'")f(|)h("*")f(|)h("+")f(|)g
("-")h(|)f(".")h(|)f("`")g(|)1071 2323 y("\210")g(|)h("_")f(|)h("{")f
(|)h("|")f(|)h("}")f(|)g("\230")h(|)f(CTL)208 2422 y(CTL)580
b(=)83 b(<any)49 b(control)g(character>)208 2522 y(SP)630
b(=)83 b(<space)49 b(character>)208 2621 y(HT)630 b(=)83
b(<horizontal)48 b(tab)h(character>)208 2721 y(NL)630
b(=)83 b(<newline>)208 2821 y(LWSP)530 b(=)83 b(SP)49
b(|)h(HT)f(|)h(NL)208 2920 y(separator)280 b(=)83 b("\(")49
b(|)h("\)")f(|)h("<")f(|)h(">")f(|)h("@")f(|)g(",")h(|)f(";")h(|)f(":")
g(|)1071 3020 y("\\")g(|)h(<">)f(|)h("/")f(|)h("[")f(|)h("]")f(|)g("?")
h(|)f("=")h(|)f("{")g(|)1071 3120 y("}")g(|)h(SP)f(|)h(HT)208
3219 y(token)480 b(=)83 b(1*<any)49 b(CHAR)g(except)f(CTLs)i(or)f
(separators>)208 3319 y(quoted-string)80 b(=)j(<">)49
b(*qdtext)g(<">)208 3418 y(qdtext)430 b(=)83 b(<any)49
b(CHAR)g(except)g(<">)g(and)g(CTLs)g(but)h(including)e(LWSP>)208
3518 y(TEXT)530 b(=)83 b(<any)49 b(printable)f(character>)0
3692 y Ff(Note)27 b(that)h(ne)n(wline)e(\(NL\))h(need)f(not)h(be)h(a)f
(single)g(control)f(character)m(,)i(b)n(ut)f(can)g(be)g(a)h(sequence)e
(of)h(control)f(characters.)45 b(A)0 3792 y(system)16
b(MA)-9 b(Y)17 b(de\002ne)f(TEXT)f(to)i(be)f(a)g(lar)o(ger)f(set)i(of)f
(characters)f(than)h(<an)o(y)f(CHAR)i(e)o(xcluding)d(CTLs)j(b)n(ut)f
(including)e(L)-6 b(WSP>.)0 4103 y Fb(2.3)99 b(URL)25
b(Encoding)0 4334 y Ff(Some)31 b(v)n(ariables)f(and)h(constructs)g
(used)g(here)f(are)h(described)f(as)i(being)f(`URL-encoded'.)55
b(This)31 b(encoding)f(is)i(described)0 4433 y(in)g(section)g(2)h(of)e
(RFC)j(2396)d([3].)60 b(In)32 b(a)h(URL-encoded)d(string)h(an)i(escape)
f(sequence)f(consists)h(of)g(a)h(percent)e(character)0
4533 y(\("\045"\))21 b(follo)n(wed)f(by)h(tw)o(o)h(he)o(xadecimal)e
(digits,)h(where)g(the)h(tw)o(o)f(he)o(xadecimal)f(digits)h(form)g(an)g
(octet.)29 b(An)21 b(escape)h(sequence)0 4633 y(represents)g(the)g
(graphic)f(character)g(which)h(has)h(the)g(octet)f(as)h(its)h(code)d
(within)i(the)f(US-ASCII)h([20])e(coded)g(character)h(set,)h(if)0
4732 y(it)h(e)o(xists.)34 b(Currently)22 b(there)g(is)i(no)f(pro)o
(vision)e(within)i(the)g(URI)h(syntax)e(to)h(identify)f(which)h
(character)e(set)j(non-ASCII)e(codes)0 4832 y(represent,)d(so)h(CGI)h
(handles)e(this)i(issue)g(on)f(an)g(ad-hoc)f(basis)h(for)g(each)g
(case.)0 5006 y(Note)f(that)g(some)g(unsafe)g(\(reserv)o(ed\))e
(characters)h(may)h(ha)n(v)o(e)f(dif)n(ferent)g(semantics)h(when)g
(encoded.)j(The)d(de\002nition)f(of)h(which)0 5255 y(Robinson)g(&)h
(Coar)1030 b(Expires)19 b(15)h(October)f(2003)1028 b([P)o(age)20
b(6])p eop
%%Page: 7 7
7 6 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(characters)i(are)i(unsafe)f(depends)f(on)h(the)g
(conte)o(xt;)h(see)g(section)f(2)h(of)f(RFC)i(2396)d([3],)h(updated)f
(by)h(RFC)i(2732)d([11],)h(for)g(an)0 623 y(authoritati)n(v)o(e)18
b(treatment.)24 b(These)c(reserv)o(ed)e(characters)h(are)h(generally)e
(used)i(to)g(pro)o(vide)e(syntatic)i(structure)f(to)h(the)g(character)0
722 y(string,)35 b(for)c(e)o(xample)g(as)i(\002eld)f(separators.)60
b(In)32 b(all)g(cases,)k(the)c(string)g(is)h(\002rst)g(processed)e
(with)h(re)o(gard)e(to)j(an)o(y)e(reserv)o(ed)0 822 y(characters)22
b(present,)h(and)g(then)f(the)i(resulting)e(data)h(can)g(be)g
(URL-decoded)e(by)i(replacing)e("\045")j(escapes)f(by)g(their)g
(character)0 922 y(v)n(alues.)0 1096 y(T)-7 b(o)20 b(encode)e(a)h
(character)f(string,)h(all)h(rese)n(v)o(ed)e(and)h(forbidden)e
(characters)h(are)i(replaced)e(by)h(the)g(corresponding)d("\045")k
(escapes.)0 1196 y(The)j(string)g(can)g(then)g(be)g(used)g(in)g
(assembling)f(a)i(URI.)g(The)e(reserv)o(ed)g(characters)g(will)i(v)n
(ary)f(from)f(conte)o(xt)g(to)h(conte)o(xt,)g(b)n(ut)0
1295 y(will)e(al)o(w)o(ays)g(be)f(dra)o(wn)f(from)g(this)i(set:)208
1469 y Fd(reserved)81 b(=)i(";")49 b(|)h("/")f(|)h("?")f(|)h(":")f(|)g
("@")h(|)f("&")h(|)f("=")g(|)h("+")f(|)h("$")f(|)822
1569 y(",")g(|)h("[")f(|)h("]")0 1743 y Ff(The)26 b(last)i(tw)o(o)f
(characters)e(were)i(added)e(by)h(RFC)j(2732)c([11].)43
b(In)26 b(an)o(y)g(particular)f(conte)o(xt,)i(a)g(sub-set)f(of)h(these)
g(characters)0 1843 y(will)21 b(be)f(reserv)o(ed;)e(the)i(other)f
(characters)g(from)g(this)i(set)f(MUST)h(NO)m(T)e(be)h(encoded)e(when)i
(a)g(string)g(is)h(URL-encoded)c(in)j(that)0 1943 y(conte)o(xt.)k
(Other)19 b(basic)i(rules)f(used)g(to)g(describe)g(URI)g(syntax)g(are:)
208 2117 y Fd(hex)431 b(=)83 b(digit)48 b(|)i("A")f(|)h("B")f(|)h("C")f
(|)h("D")f(|)h("E")f(|)g("F")h(|)f("a")h(|)922 2217 y("b")f(|)g("c")h
(|)f("d")h(|)f("e")g(|)h("f")208 2316 y(escaped)231 b(=)83
b("\045")49 b(hex)g(hex)208 2416 y(unreserved)81 b(=)i(alpha)48
b(|)i(digit)f(|)h(mark)208 2516 y(mark)381 b(=)83 b("-")49
b(|)g("_")h(|)f(".")h(|)f("!")g(|)h("\230")f(|)h("*")f(|)h("'")f(|)h
("\(")f(|)h("\)")0 2870 y Fe(3)119 b(In)-5 b(v)o(oking)31
b(the)f(Script)0 3147 y Fb(3.1)99 b(Ser)o(v)o(er)26 b(Responsibilities)
0 3378 y Ff(The)20 b(serv)o(er)f(acts)i(as)g(an)f(application)f(gate)n
(w)o(ay)-5 b(.)24 b(It)c(recei)n(v)o(es)g(the)g(request)g(from)f(the)h
(client,)g(select)h(a)g(CGI)g(script)f(to)g(handle)g(the)0
3477 y(request,)h(con)m(v)o(ert)e(the)i(request)g(to)g(a)h(CGI)g
(request,)e(e)o(x)o(ecute)g(the)h(script)h(and)f(con)m(v)o(ert)e(the)i
(CGI)h(response)e(into)h(a)h(response)e(for)0 3577 y(the)j(client.)35
b(When)23 b(processing)f(the)h(client)g(request,)h(it)g(is)g
(responsible)e(for)h(implementing)e(an)o(y)h(protocol)g(or)h(transport)
f(le)n(v)o(el)0 3677 y(authentication)e(and)i(security)-5
b(.)30 b(The)22 b(serv)o(er)g(MA)-9 b(Y)23 b(also)f(function)f(in)h(a)h
(`non-transparent')18 b(manner)m(,)j(modifying)f(the)i(request)0
3776 y(or)e(response)f(in)i(order)d(to)j(pro)o(vide)d(some)i
(additional)f(service,)g(such)h(as)h(media)f(type)g(transformation)d
(or)j(protocol)f(reduction.)0 3951 y(The)e(serv)o(er)g(MUST)h(perform)e
(translations)h(and)g(protocol)f(con)m(v)o(ersions)f(on)i(the)h
(request)f(data)g(required)f(by)h(this)i(speci\002cation.)0
4050 y(Futhermore,)24 b(the)g(serv)o(er)g(retains)h(is)h
(responsibility)d(to)i(the)g(client)g(to)g(conform)d(to)j(the)g(netw)o
(ork)e(protocol)g(e)n(v)o(en)h(if)h(the)g(CGI)0 4150
y(script)20 b(f)o(ails)h(to)f(conform)e(to)j(this)g(speci\002cation.)0
4324 y(If)26 b(the)g(serv)o(er)f(is)i(applying)e(authentication)f(to)i
(the)g(request,)h(then)f(it)g(MUST)h(NO)m(T)f(e)o(x)o(ecute)f(the)h
(script)g(unless)g(the)g(request)0 4424 y(passes)21 b(all)g(de\002ned)e
(access)i(controls.)0 5255 y(Robinson)e(&)h(Coar)1030
b(Expires)19 b(15)h(October)f(2003)1028 b([P)o(age)20
b(7])p eop
%%Page: 8 8
8 7 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fb(3.2)99 b(Script)26 b(Selection)0
753 y Ff(The)17 b(serv)o(er)g(determines)f(the)i(CGI)g(script)f(to)h
(be)f(e)o(x)o(ecuted)f(based)h(on)g(a)h(generic-form)c(URI)k(supplied)f
(by)g(the)g(client.)24 b(This)18 b(URI)0 853 y(includes)i(a)h
(hierarchical)f(path)g(with)h(components)e(separated)h(by)g("/".)27
b(F)o(or)21 b(an)o(y)f(particular)f(request,)h(the)h(serv)o(er)f(will)i
(identify)0 953 y(all)i(or)f(a)h(leading)f(part)g(of)h(this)g(path)f
(with)h(an)f(indi)n(vidual)f(script,)i(thus)g(placing)e(the)i(script)f
(at)i(a)f(particular)e(point)h(in)g(the)h(path)0 1052
y(hierarchy)-5 b(.)35 b(The)24 b(remainder)f(of)h(the)h(path,)f(if)h
(an)o(y)-5 b(,)24 b(identi\002es)h(a)g(resource)e(or)h(sub-resource)e
(identi\002er)i(to)h(be)f(interpreted)f(by)0 1152 y(the)d(script.)0
1326 y(Information)h(about)i(this)h(split)g(of)g(the)f(path)h(is)g(a)n
(v)n(ailable)g(to)f(the)h(script)g(in)g(the)g(meta-v)n(ariables,)e
(described)h(belo)n(w)-5 b(.)34 b(Support)0 1426 y(for)20
b(non-hierarchical)c(URI)21 b(schemes)f(is)h(outside)f(the)g(scope)g
(of)g(this)g(speci\002cation.)0 1738 y Fb(3.3)99 b(The)26
b(Script-URI)0 1969 y Ff(The)21 b(mapping)e(from)g(request)i(URI)g(to)g
(choice)f(of)h(script)g(is)h(de\002ned)e(by)g(the)h(particular)f(serv)o
(er)g(implementation)e(and)j(its)g(con-)0 2068 y(\002guration.)27
b(The)21 b(serv)o(er)g(MA)-9 b(Y)21 b(allo)n(w)h(the)f(script)h(to)f
(be)h(identi\002ed)e(with)i(a)g(set)g(of)f(se)n(v)o(eral)g(dif)n
(ferent)e(URI)j(path)f(heierarchies,)0 2168 y(and)d(therefore)f(is)i
(permitted)e(to)i(replace)f(the)g(URI)h(by)f(other)g(members)f(of)i
(this)g(set)g(during)e(processing)g(and)h(generation)e(of)j(the)0
2268 y(meta-v)n(ariables.)k(The)d(serv)o(er)104 2434
y(1.)41 b(MA)-9 b(Y)20 b(preserv)o(e)f(the)h(URI)h(in)f(the)g
(particular)f(request;)h(or)104 2600 y(2.)41 b(MA)-9
b(Y)20 b(select)h(a)g(canonical)e(URI)h(from)f(the)i(set)g(of)f
(possible)f(v)n(alues)h(for)g(each)g(script;)g(or)104
2766 y(3.)41 b(can)20 b(implement)e(an)o(y)i(other)f(selection)h(of)g
(URI)h(from)e(the)h(set.)0 3006 y(From)h(the)h(meta-v)n(ariables)f
(thus)h(generated,)e(a)i(URI,)h(the)f(`Script-URI')e(can)i(be)g
(constructed.)29 b(This)22 b(MUST)g(ha)n(v)o(e)f(the)h(prop-)0
3106 y(erty)29 b(that)h(if)g(the)g(client)g(had)f(accessed)h(this)g
(URI)g(instead,)i(then)d(the)h(script)g(w)o(ould)f(ha)n(v)o(e)g(been)g
(e)o(x)o(ecuted)f(with)i(the)f(same)0 3206 y(v)n(alues)d(for)f(the)h(P)
-8 b(A)f(TH_INFO)25 b(and)h(Q)o(UER)-5 b(Y_STRING)25
b(meta-v)n(ariables.)40 b(The)26 b(Script-URI)f(has)i(the)e(syntax)h
(of)f(a)i(generic)0 3305 y(URI)d(as)g(de\002ned)f(in)h(section)f(3)g
(of)h(RFC)h(2396)d([3],)h(with)h(the)g(e)o(xception)d(that)j(object)f
(parameters)f(and)h(fragment)f(identi\002ers)0 3405 y(are)29
b(not)g(permitted.)52 b(The)29 b(v)n(arious)f(components)f(of)i(the)h
(Script-URI)e(are)i(de\002ned)e(by)h(some)g(of)g(the)h(meta-v)n
(ariables)d(\(see)0 3505 y(belo)n(w\);)208 3679 y Fd(script-URI)230
b(=)83 b(scheme)49 b("://")g(server-name)e([)j(":")f(server-port)f(])
1071 3779 y([)i(script-path)d([)j(extra-path)e(["?")h(query-string])e
(])j(])208 3878 y(script-path)180 b(=)83 b(abs-path)208
3978 y(extra-path)230 b(=)83 b(abs-path)208 4077 y(abs-path)330
b(=)83 b("/")49 b(path-segments)208 4177 y(path-segments)80
b(=)j(segment)48 b(*\()i("/")f(segment\))208 4277 y(segment)380
b(=)83 b(*lchar)208 4376 y(lchar)480 b(=)83 b(unreserved)48
b(|)i(escaped)e(|)i(extra)208 4476 y(extra)480 b(=)83
b(":")49 b(|)h("@")f(|)h("&")f(|)h("=")f(|)h("+")f(|)g("$")h(|)f(",")0
4650 y Ff(where)20 b(`scheme')g(is)i(found)d(from)h(SER)-7
b(VER_PR)m(O)m(T)o(OCOL,)20 b(and)g(script-path)g(and)g(e)o(xtra-path)f
(are)i(URL-encoded)e(v)o(ersions)0 4750 y(of)27 b(SCRIPT_N)m(AME)h(and)
f(P)-8 b(A)f(TH_INFO,)27 b(respecti)n(v)o(ely)-5 b(,)27
b(with)h(";",)i("=")d(and)g("?")h(reserv)o(ed.)46 b(See)28
b(section)f(4.1.5)f(for)h(more)0 4850 y(information)18
b(about)h(the)h(P)-8 b(A)f(TH_INFO)20 b(meta-v)n(ariable.)0
5255 y(Robinson)f(&)h(Coar)1030 b(Expires)19 b(15)h(October)f(2003)1028
b([P)o(age)20 b(8])p eop
%%Page: 9 9
9 8 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(The)f(scheme)h(and)f(the)h(protocol)e(are)i(not)
f(identical)h(as)g(the)g(scheme)f(identi\002es)h(an)g(access)g(method)f
(in)h(addition)e(to)i(a)h(protocol.)0 623 y(F)o(or)c(instance,)g(a)h
(resource)e(accessed)h(using)g(T)m(ransport)e(Layer)i(Security)f
(\(TLS\))h([7])g(may)f(ha)n(v)o(e)h(a)h(request)e(URI)i(with)f(a)h
(scheme)0 722 y(of)k Fd(https)g Ff(whilst)h(using)f(the)g(HTTP)h
(protocol)e([16].)30 b(CGI/1.1)22 b(pro)o(vides)f(no)h(generic)f(means)
h(for)g(the)g(script)h(to)f(reconstruct)0 822 y(this,)d(and)g
(therefore)e(the)h(Script-URI)h(as)g(de\002ned)f(includes)g(the)h(base)
g(protocol)e(used.)24 b(Ho)n(we)n(v)o(er)m(,)17 b(a)i(script)g(MA)-9
b(Y)19 b(mak)o(e)g(use)g(of)0 922 y(scheme-speci\002c)g(meta-v)n
(ariables)f(to)j(better)f(deduce)e(the)j(URI)f(scheme.)0
1096 y(Note)j(that)g(this)h(de\002nition)e(also)i(allo)n(ws)f(URIs)h
(to)g(be)f(constructed)e(which)i(w)o(ould)f(in)m(v)n(ok)o(e)g(the)h
(script)h(with)f(an)o(y)f(permissable)0 1196 y(v)n(alues)e(for)f(the)i
(path-info)d(or)i(query-string,)d(by)j(modifying)d(the)k(appropriate)c
(components.)0 1508 y Fb(3.4)99 b(Execution)0 1738 y
Ff(The)19 b(script)h(is)g(in)m(v)n(ok)o(ed)e(in)i(a)g(system)f
(de\002ned)g(manner)-5 b(.)24 b(Unless)c(speci\002ed)f(otherwise,)g
(the)g(\002le)i(containing)c(the)j(script)f(will)i(be)0
1838 y(in)m(v)n(ok)o(ed)d(as)j(an)f(e)o(x)o(ecutable)f(program.)0
2193 y Fe(4)119 b(The)31 b(CGI)e(Request)0 2453 y Ff(Information)e
(about)i(a)h(request)f(comes)g(from)g(tw)o(o)h(dif)n(ferent)d(sources:)
44 b(the)30 b(request)f(meta-v)n(ariables)f(and)h(an)o(y)g(associated)0
2553 y(message-body)-5 b(.)0 2865 y Fb(4.1)99 b(Request)26
b(Meta-V)-9 b(ariables)0 3095 y Ff(Meta-v)n(ariables)21
b(contain)g(data)i(about)e(the)h(request)g(passed)g(from)g(the)g(serv)o
(er)g(to)g(the)h(script,)g(and)e(are)i(accessed)f(by)g(the)h(script)0
3195 y(in)18 b(a)h(system)g(de\002ned)e(manner)-5 b(.)23
b(Meta-v)n(ariables)17 b(are)h(identi\002ed)g(by)g(case-insensiti)n(v)o
(e)f(names;)h(there)g(cannot)f(be)i(tw)o(o)f(dif)n(ferent)0
3295 y(v)n(ariable)23 b(whose)g(names)h(dif)n(fer)f(in)h(case)g(only)-5
b(.)35 b(Here)24 b(the)o(y)f(are)h(sho)n(wn)f(using)g(a)i(canonical)d
(representation)g(of)i(capitals)g(plus)0 3394 y(underscore)18
b(\("_"\).)24 b(A)d(particular)e(system)h(can)g(de\002ned)f(a)i(dif)n
(ferent)d(representation.)208 3569 y Fd(meta-variable-name)79
b(=)k("AUTH_TYPE")48 b(|)h("CONTENT_LENGTH")e(|)1320
3668 y("CONTENT_TYPE")g(|)j("GATEWAY_INTERFACE")c(|)1320
3768 y("PATH_INFO")i(|)h("PATH_TRANSLATED")e(|)1320 3868
y("QUERY_STRING")g(|)j("REMOTE_ADDR")d(|)1320 3967 y("REMOTE_HOST")g(|)
j("REMOTE_IDENT")d(|)1320 4067 y("REMOTE_USER")g(|)j("REQUEST_METHOD")d
(|)1320 4166 y("SCRIPT_NAME")g(|)j("SERVER_NAME")d(|)1320
4266 y("SERVER_PORT")g(|)j("SERVER_PROTOCOL")d(|)1320
4366 y("SERVER_SOFTWARE")g(|)i(scheme)g(|)1320 4465 y
(protocol-var-name)e(|)i(extension-var-name)208 4565
y(protocol-var-name)129 b(=)83 b(\()50 b(protocol)e(|)i(scheme)e(\))i
("_")f(var-name)208 4665 y(var-name)579 b(=)83 b(token)208
4764 y(extension-var-name)c(=)k(token)0 4939 y Ff(Meta-v)n(ariables)26
b(with)j(the)f(name)f(of)h(a)g(scheme,)h(and)f(names)f(be)o(ginning)f
(with)i(the)g(name)f(of)h(a)g(protocol)e(or)i(scheme)f(\(e.g.)0
5255 y(Robinson)19 b(&)h(Coar)1030 b(Expires)19 b(15)h(October)f(2003)
1028 b([P)o(age)20 b(9])p eop
%%Page: 10 10
10 9 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(HTTP_A)m(CCEPT\))k(are)g(also)g(be)g
(speci\002ed.)37 b(The)24 b(number)f(and)g(meaning)g(of)h(these)g(v)n
(ariables)g(may)g(change)f(independently)0 623 y(of)d(this)h
(speci\002cation.)j(\(See)c(also)h(section)f(4.1.18.\))0
797 y(The)h(serv)o(er)f(MA)-9 b(Y)22 b(de\002ne)e(additional)g
(implementation-speci\002c)e(e)o(xtension)i(meta-v)n(ariables,)g(whose)
g(names)h(SHOULD)h(be)0 897 y(pre\002x)o(ed)d(with)h(`X_'.)0
1071 y(This)25 b(speci\002cation)e(does)h(not)g(distinguish)g(between)f
(zero-length)f(\(NULL\))i(v)n(alues)g(and)g(missing)g(v)n(alues.)37
b(F)o(or)24 b(e)o(xample,)g(a)0 1171 y(script)i(cannot)f(distinguish)g
(between)g(the)h(requests)g Fd(http://host/script)d Ff(and)i
Fd(http://host/script?)40 b Ff(;)29 b(in)0 1270 y(both)d(cases)i(the)g
(Q)o(UER)-5 b(Y_STRING)26 b(meta-v)n(ariable)g(w)o(ould)g(be)h(NULL.)g
(An)h(optional)e(meta-v)n(ariable)f(may)i(be)g(ommitted)0
1370 y(\(left)20 b(unset\))g(if)g(its)h(v)n(alue)f(is)h(NULL.)208
1544 y Fd(meta-variable-value)79 b(=)k("")49 b(|)h(<TEXT,)f(CHAR)g(or)g
(tokens)g(of)g(value>)0 1719 y Ff(Meta-v)n(ariable)25
b(v)n(alues)h(MUST)h(be)g(considered)e(case-sensiti)n(v)o(e)h(e)o
(xcept)g(as)h(noted)f(otherwise.)44 b(The)26 b(representation)f(of)i
(the)0 1818 y(characters)19 b(in)i(the)f(meta-v)n(ariables)e(is)j
(system)g(de\002ned;)e(the)h(serv)o(er)g(MUST)g(con)m(v)o(ert)e(v)n
(alues)i(to)g(that)h(character)d(set.)0 2114 y Fc(4.1.1)81
b(A)l(UTH_TYPE)0 2344 y Ff(The)16 b(A)-5 b(UTH_TYPE)16
b(v)n(ariable)g(identi\002es)g(an)o(y)g(mechanism)f(used)h(by)g(the)h
(serv)o(er)e(to)i(authenticate)e(the)h(user)-5 b(.)24
b(Currently)16 b(de\002ned)0 2444 y(v)n(alues)k(are)g(speci\002c)g(to)h
(requests)e(made)h(via)g(the)g(HTTP)h(protocol.)0 2618
y(If)d(the)f(client)h(request)f(required)f(authentication)g(for)h(e)o
(xternal)f(access,)j(then)e(the)h(serv)o(er)f(MUST)h(set)g(the)g(v)n
(alue)f(of)g(this)i(v)n(ariable)0 2718 y(from)25 b(the)i(`auth-scheme')
d(tok)o(en)i(in)g(the)h(request)e(Authorization)g(HTTP)h(header)g
(\002eld.)44 b(Otherwise)26 b(the)g(v)n(ariable)g(is)h(set)g(to)0
2818 y(NULL.)20 b(The)g(syntax)f(is)i(for)f(this)h(v)n(ariable)e(is)i
(described)e(in)h(RFC)i(2617)d([9]:)208 2992 y Fd(AUTH_TYPE)181
b(=)82 b("")50 b(|)f(auth-scheme)208 3092 y(auth-scheme)81
b(=)h("Basic")49 b(|)g("Digest")g(|)g(token)0 3266 y
Ff(HTTP)28 b(access)g(authentication)d(schemes)i(are)h(described)e(in)i
(section)f(11)g(of)g(the)h(HTTP/1.1)e(speci\002cation)h([8].)46
b(The)27 b(auth-)0 3366 y(scheme)20 b(is)h(not)f(case-sensiti)n(v)o(e.)
0 3661 y Fc(4.1.2)81 b(CONTENT_LENGTH)0 3892 y Ff(The)24
b(CONTENT_LENGTH)e(v)n(ariable)h(contains)h(the)g(size)h(of)e(the)h
(message-body)e(entity)i(attached)f(to)h(the)g(request,)h(if)f(an)o(y)
-5 b(,)0 3991 y(in)20 b(decimal)g(number)e(of)i(octets.)25
b(If)20 b(no)g(data)g(is)h(attached,)f(then)f(NULL)h(\(or)g(unset\).)
208 4166 y Fd(CONTENT_LENGTH)80 b(=)j("")49 b(|)h(1*digit)0
4340 y Ff(The)30 b(serv)o(er)f(MUST)h(set)g(this)h(meta-v)n(ariable)d
(if)i(the)g(request)f(is)i(accompanied)c(by)j(a)g(message-body)d
(entity)-5 b(.)54 b(The)29 b(CON-)0 4440 y(TENT_LENGTH)c(v)n(alue)i
(must)g(re\003ect)h(the)f(length)f(of)h(the)g(message-body)e(after)i
(the)g(serv)o(er)g(has)g(remo)o(v)o(ed)e(an)o(y)h(transfer)n(-)0
4539 y(codings)19 b(or)h(content-codings.)0 5255 y(Robinson)f(&)h(Coar)
1009 b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(10])p eop
%%Page: 11 11
11 10 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(4.1.3)81 b(CONTENT_TYPE)0 753
y Ff(If)23 b(the)f(request)g(includes)g(a)i(message-body)-5
b(,)20 b(the)j(CONTENT_TYPE)e(v)n(ariable)h(is)i(set)f(to)g(the)g
(Internet)e(Media)i(T)-7 b(ype)22 b([10])g(of)0 853 y(the)e(attached)g
(entity)-5 b(.)208 1027 y Fd(CONTENT_TYPE)80 b(=)j("")50
b(|)f(media-type)208 1127 y(media-type)180 b(=)83 b(type)49
b("/")g(subtype)g(*\()g(";")h(parameter)e(\))208 1227
y(type)480 b(=)83 b(token)208 1326 y(subtype)330 b(=)83
b(token)208 1426 y(parameter)230 b(=)83 b(attribute)48
b("=")i(value)208 1526 y(attribute)230 b(=)83 b(token)208
1625 y(value)430 b(=)83 b(token)49 b(|)h(quoted-string)0
1800 y Ff(The)23 b(type,)f(subtype)g(and)g(parameter)g(attrib)n(ute)g
(names)h(are)f(not)h(case-sensiti)n(v)o(e.)32 b(P)o(arameter)22
b(v)n(alues)h(may)f(be)h(case)g(sensiti)n(v)o(e.)0 1899
y(Media)d(types)g(and)g(their)f(use)i(in)f(HTTP)h(are)f(described)f
(section)h(3.7)f(of)h(the)g(HTTP/1.1)f(speci\002cation)h([8].)0
2073 y(There)g(is)i(no)f(def)o(ault)f(v)n(alue)g(for)h(this)g(v)n
(ariable.)27 b(If)20 b(and)h(only)f(if)h(it)h(is)g(unset,)f(then)g(the)
g(script)g(MA)-9 b(Y)21 b(attempt)g(to)g(determine)f(the)0
2173 y(media)g(type)f(from)g(the)h(data)g(recei)n(v)o(ed.)k(If)19
b(the)i(type)e(remains)h(unkno)n(wn,)d(then)j(the)g(script)g(MA)-9
b(Y)20 b(choose)f(to)i(assume)f(a)g(type)g(of)0 2273
y Fd(application/octet-stream)c Ff(or)k(it)h(may)f(reject)g(the)g
(request)g(with)g(an)g(error)f(\(as)i(described)e(in)h(section)g
(6.3.3\).)0 2447 y(Each)e(media-type)e(de\002nes)i(a)h(set)g(of)f
(optional)f(and)h(mandatory)e(parameters.)23 b(This)c(may)f(include)f
(a)i(charset)f(parameter)f(with)h(a)0 2547 y(case-insensiti)n(v)o(e)i
(v)n(alue)h(de\002ning)e(the)j(coded)e(character)g(set)i(for)e(the)h
(attached)g(entity)-5 b(.)27 b(If)21 b(the)g(charset)g(parameter)e(is)k
(omitted,)0 2646 y(then)d(the)g(def)o(ault)f(v)n(alue)h(should)f(be)h
(deri)n(v)o(ed)f(according)f(to)i(whiche)n(v)o(er)e(of)i(the)g(follo)n
(wing)f(rules)h(is)h(the)f(\002rst)h(to)g(apply:)104
2788 y(1.)41 b(There)19 b(MA)-9 b(Y)21 b(be)f(a)g(system-de\002ned)f
(def)o(ault)g(charset)h(for)g(some)g(media-types.)104
2941 y(2.)41 b(The)19 b(def)o(ault)h(for)f(media-types)g(of)h(type)g
(`te)o(xt')f(is)i(ISO-8859-1)c([8].)104 3095 y(3.)41
b(An)o(y)19 b(def)o(ault)h(de\002ned)f(in)h(the)g(media-type)e
(speci\002cation.)104 3249 y(4.)41 b(The)19 b(def)o(ault)h(is)h
(US-ASCII.)0 3464 y(The)c(serv)o(er)g(MUST)h(set)h(this)f(meta-v)n
(ariable)e(if)i(an)g(HTTP)g(Content-T)-7 b(ype)16 b(\002eld)i(is)h
(present)e(in)h(the)g(original)e(request)h(header)-5
b(.)24 b(If)0 3564 y(the)19 b(serv)o(er)f(recei)n(v)o(es)g(a)h(request)
f(with)h(an)g(attached)f(entity)g(b)n(ut)h(no)g(Cotent-T)-7
b(ype)17 b(header)h(\002eld,)h(it)g(MA)-9 b(Y)20 b(attempt)e(to)h
(determine)0 3664 y(the)h(correct)f(content)h(type,)f(otherwise)h(it)h
(should)e(omit)h(this)g(meta-v)n(ariable.)0 3954 y Fc(4.1.4)81
b(GA)-8 b(TEW)e(A)i(Y_INTERF)h(A)i(CE)0 4184 y Ff(The)20
b(GA)-9 b(TEW)f(A)h(Y_INTERF)j(A)m(CE)19 b(v)n(ariable)g(MUST)h(be)g
(set)h(to)g(the)f(dialect)g(of)g(CGI)g(being)f(used)h(by)g(the)g(serv)o
(er)f(to)i(communi-)0 4284 y(cate)f(with)h(the)f(script.)25
b(Syntax:)208 4458 y Fd(GATEWAY_INTERFACE)79 b(=)k("CGI")49
b("/")g(1*digit)g(".")g(1*digit)0 4633 y Ff(Note)18 b(that)g(the)g
(major)f(and)g(minor)g(numbers)f(are)i(treated)f(as)i(separate)e(inte)o
(gers)g(and)g(hence)g(each)h(may)f(be)h(incremented)e(higher)0
4732 y(than)k(a)g(single)g(digit.)25 b(Thus)19 b(CGI/2.4)h(is)h(a)f(lo)
n(wer)g(v)o(ersion)f(than)g(CGI/2.13)g(which)h(in)g(turn)f(is)i(lo)n
(wer)f(than)f(CGI/12.3.)24 b(Leading)0 4832 y(zeros)c(MUST)g(be)g
(ignored)f(by)h(the)g(script)g(and)g(MUST)g(NO)m(T)g(be)g(generated)f
(by)g(the)i(serv)o(er)-5 b(.)0 5006 y(This)20 b(document)f(de\002nes)h
(the)g(1.1)f(v)o(ersion)g(of)h(the)g(CGI)h(interf)o(ace.)0
5255 y(Robinson)e(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(11])p eop
%%Page: 12 12
12 11 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(4.1.5)81 b(P)-6 b(A)e(TH_INFO)0
753 y Ff(The)25 b(P)-8 b(A)f(TH_INFO)24 b(v)n(ariable)g(speci\002es)i
(a)f(path)g(to)g(be)g(interpreted)e(by)i(the)g(CGI)h(script.)39
b(It)25 b(identi\002es)g(the)g(resource)f(or)h(sub-)0
853 y(resource)d(to)h(be)g(returned)e(by)i(the)g(CGI)h(script,)g(and)e
(MUST)h(be)g(deri)n(v)o(ed)f(from)g(the)h(the)g(portion)f(of)h(the)g
(URI)g(path)g(heirarchy)0 953 y(follo)n(wing)e(that)h(part)h(that)f
(identi\002es)h(the)f(script)h(itself.)32 b(Unlik)o(e)22
b(a)h(URI)g(path,)f(the)h(P)-8 b(A)f(TH_INFO)22 b(is)h(not)f
(URL-encoded,)f(and)0 1052 y(cannot)15 b(contain)g(path-se)o(gment)f
(parameters.)22 b(A)17 b(P)-8 b(A)f(TH_INFO)16 b(of)f("/")i(represents)
e(a)i(single)f(v)n(oid)f(path)h(se)o(gment.)208 1227
y Fd(PATH_INFO)81 b(=)i("")49 b(|)h(\()f("/")h(path)f(\))208
1326 y(path)331 b(=)83 b(psegment)48 b(*\()h("/")h(psegment)e(\))208
1426 y(psegment)131 b(=)83 b(*pchar)208 1526 y(pchar)281
b(=)83 b(<any)49 b(TEXT)g(or)g(CTL)h(except)e("/">)0
1700 y Ff(The)16 b(v)n(alue)g(is)h(considered)e(case-sensiti)n(v)o(e)g
(and)h(the)g(serv)o(er)g(MUST)h(prese)n(v)o(e)e(the)h(case)h(of)f(the)g
(path)g(as)h(presented)e(in)i(the)f(request)0 1800 y(URI.)24
b(The)f(serv)o(er)g(MA)-9 b(Y)24 b(impose)f(restrictions)g(and)g
(limitations)g(on)g(what)h(v)n(alues)f(it)h(permits)f(for)g(P)-8
b(A)f(TH_INFO,)23 b(and)g(MA)-9 b(Y)0 1899 y(reject)24
b(the)f(request)g(with)h(an)f(error)g(if)g(it)i(encounters)d(an)o(y)g
(v)n(alues)h(considered)f(objectionable.)33 b(Similarly)-5
b(,)23 b(treatment)g(of)g(non)0 1999 y(US-ASCII)d(characters)g(in)g
(the)g(path)g(is)h(system)f(de\002ned.)0 2173 y(URL-encoded,)25
b(the)h(P)-8 b(A)f(TH_INFO)26 b(string)g(forms)f(the)i(e)o(xtra-path)d
(component)f(of)j(the)g(Script-URI)g(\(see)g(section)g(3.2\))f(that)0
2273 y(follo)n(ws)20 b(the)g(SCRIPT_N)m(AME)g(part)g(of)g(that)g(path.)
0 2565 y Fc(4.1.6)81 b(P)-6 b(A)e(TH_TRANSLA)g(TED)0
2796 y Ff(The)25 b(P)-8 b(A)f(TH_TRANSLA)g(TED)24 b(v)n(ariable)g(is)i
(deri)n(v)o(ed)d(by)h(taking)h(the)g(P)-8 b(A)f(TH_INFO,)24
b(parsing)g(it)i(as)g(a)f(URI)h(in)f(its)h(o)n(wn)e(right,)0
2895 y(and)k(performing)e(an)o(y)h(virtual-to-physical)e(translation)j
(appropriate)e(to)j(map)f(it)h(onto)f(the)h(serv)o(er')-5
b(s)28 b(document)e(repository)0 2995 y(structure.)208
3169 y Fd(PATH_TRANSLATED)80 b(=)j(*TEXT)0 3344 y Ff(This)20
b(is)h(the)g(\002le)g(location)e(that)h(w)o(ould)g(be)g(accessed)g(by)g
(a)g(request)g(for)208 3571 y Fd(scheme)48 b("://")h(server-name)f(":")
h(server-port)f(enc\(PATH_INFO\))0 3798 y Ff(where)28
b(`scheme')e(is)k(found)c(from)h(SER)-7 b(VER_PR)m(O)m(T)o(OCOL)28
b(\(as)g(described)f(in)h(section)g(3.2\))f(and)h(`enc\(P)-8
b(A)f(TH_INFO\)')26 b(is)0 3898 y(a)31 b(URL-encoded)e(v)o(ersion)h(of)
h(P)-8 b(A)f(TH_INFO,)30 b(with)h(";",)j("=")d(and)f("?")h(reserv)o
(ed.)56 b(F)o(or)31 b(e)o(xample,)h(a)f(request)f(such)h(as)h(the)0
3998 y(follo)n(wing:)208 4225 y Fd(http://somehost.com/cgi-bin/somes)o
(cript)o(/this\045)o(2eis\045)o(2epat)o(h\0453bin)o(fo)0
4452 y Ff(the)17 b(P)-8 b(A)f(TH_INFO)17 b(component)e(w)o(ould)h(be)h
(decoded,)f(and)g(the)i(result)f(parsed)f(as)i(though)d(it)j(were)f(a)h
(request)e(for)h(the)g(follo)n(wing:)208 4679 y Fd
(http://somehost.com/this.is.the.p)o(ath\0453)o(binfo)0
4907 y Ff(This)24 b(w)o(ould)e(then)h(be)h(translated)e(to)i(a)g
(location)e(in)i(the)f(serv)o(er')-5 b(s)23 b(document)f(repository)-5
b(,)21 b(perhaps)i(a)g(\002lesystem)h(path)f(some-)0
5006 y(thing)c(lik)o(e)i(this:)0 5255 y(Robinson)e(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(12])p eop
%%Page: 13 13
13 12 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)208 523 y Fd(/usr/local/www/htdocs/this.is.the)o(.path)o
(;info)0 764 y Ff(The)g(result)g(of)g(the)g(translation)f(is)j(the)e(v)
n(alue)f(of)h(P)-8 b(A)f(TH_TRANSLA)g(TED.)0 938 y(The)32
b(v)n(alue)f(of)g(P)-8 b(A)f(TH_TRANSLA)g(TED)31 b(may)h(or)f(may)h
(not)f(map)h(to)g(a)g(v)n(alid)g(repository)e(location.)59
b(The)31 b(serv)o(er)g(MUST)0 1038 y(preserv)o(e)19 b(the)i(case)g(of)g
(the)g(path-info)e(se)o(gment)h(if)h(and)f(only)g(if)h(the)g
(underlying)d(repository)h(supports)h(case-sensiti)n(v)o(e)g(names.)0
1137 y(If)j(the)g(repository)e(is)j(only)e(case-a)o(w)o(are,)h
(case-preserving,)e(or)h(case-blind)g(with)h(re)o(gard)e(to)i(document)
e(names,)i(the)g(serv)o(er)g(is)0 1237 y(not)f(required)f(to)i(preserv)
o(e)e(the)i(case)g(of)f(the)h(original)e(se)o(gment)h(through)e(the)j
(translation.)31 b(The)22 b(set)i(of)e(characters)g(permitted)0
1337 y(in)e(the)h(repository)d(location)h(are)h(system)h(de\002ned.)0
1511 y(The)e(translation)f(algorithm)g(the)h(serv)o(er)g(uses)h(to)f
(deri)n(v)o(e)f(P)-8 b(A)f(TH_TRANSLA)g(TED)18 b(is)j(implementation)c
(de\002ned;)h(CGI)i(scripts)0 1611 y(which)g(use)g(this)h(v)n(ariable)e
(may)h(suf)n(fer)f(limited)h(portability)-5 b(.)0 1785
y(The)20 b(serv)o(er)f(SHOULD)h(set)h(this)f(meta-v)n(ariable)e(if)i
(the)g(request)g(URI)g(includes)f(a)i(path-info)d(component.)k(If)e(P)
-8 b(A)f(TH_INFO)20 b(is)0 1885 y(NULL,)g(then)g(the)g(P)-8
b(A)f(TH_TRANSLA)g(TED)19 b(v)n(ariable)g(MUST)h(be)h(set)g(to)f(NULL)g
(\(or)g(unset\).)0 2180 y Fc(4.1.7)81 b(Q)o(UER)m(Y_STRING)0
2411 y Ff(The)25 b(Q)o(UER)-5 b(Y_STRING)26 b(v)n(ariable)e(contains)h
(a)h(URL-encoded)e(search)h(or)g(parameter)g(string;)j(it)e(pro)o
(vides)e(information)f(to)0 2510 y(the)d(CGI)h(script)f(to)g(af)n(fect)
g(or)g(re\002ne)g(the)g(document)e(to)j(be)f(returned)e(by)i(te)h
(script.)0 2685 y(The)k(URL)g(syntax)g(for)f(a)i(search)e(string)h(is)h
(described)e(in)h(section)g(3)g(of)g(RFC)h(2396)e([3].)39
b(The)25 b(Q)o(UER)-5 b(Y_STRING)24 b(v)n(alue)h(is)0
2784 y(case-sensiti)n(v)o(e.)208 2959 y Fd(QUERY_STRING)80
b(=)j(query-string)208 3058 y(query-string)d(=)j(*uric)208
3158 y(uric)480 b(=)83 b(reserved)48 b(|)i(unreserved)e(|)i(escaped)0
3332 y Ff(When)16 b(parsing)f(and)h(decoding)e(the)i(query)f(string,)i
(the)f(detail)g(of)g(the)g(parsing,)g(reserv)o(ed)f(characters)g(and)h
(non)f(US-ASCII)h(char)n(-)0 3432 y(acters)22 b(depends)f(on)g(the)h
(conte)o(xt.)29 b(F)o(or)22 b(e)o(xample,)f(form)g(submission)g(from)g
(an)h(HTML)f(document)f([15])h(uses)i(application/x-)0
3532 y(www-form-urlencoded)i(encoding,)30 b(in)g(which)g(the)g
(characters)f("+",)j("&")e(and)f("=")h(are)g(reserv)o(ed,)h(and)f(the)g
(ISO)g(8859-1)0 3631 y(encoding)18 b(may)i(used)g(for)f(non)h(US-ASCII)
g(characters.)0 3806 y(The)g(Q)o(UER)-5 b(Y_STRING)20
b(v)n(alue)f(pro)o(vides)g(the)h(query-string)d(part)j(of)g(the)g
(Script-URI.)g(\(See)g(section)g(3.2\).)0 3980 y(The)g(serv)o(er)f
(MUST)i(set)g(this)f(v)n(ariable;)f(if)i(the)f(Script-URI)g(does)g(not)
g(include)f(a)i(query)d(component,)g(the)i(Q)o(UER)-5
b(Y_STRING)0 4079 y(MUST)20 b(be)h(de\002ned)e(as)i(an)f(empty)f
(string)h(\(""\).)0 4375 y Fc(4.1.8)81 b(REMO)m(TE_ADDR)0
4606 y Ff(The)31 b(REMO)m(TE_ADDR)f(v)n(ariable)g(MUST)i(be)f(set)h(to)
f(the)g(netw)o(ork)f(address)h(of)f(the)i(client)f(sending)f(the)h
(request)f(to)i(the)0 4705 y(serv)o(er)-5 b(.)208 4880
y Fd(REMOTE_ADDR)130 b(=)83 b(hostnumber)208 4979 y(hostnumber)180
b(=)83 b(ipv4-address)48 b(|)h(ipv6-address)0 5255 y
Ff(Robinson)19 b(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(13])p eop
%%Page: 14 14
14 13 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)208 523 y Fd(ipv4-address)80 b(=)j(1*3digit)48
b(".")i(1*3digit)e(".")h(1*3digit)g(".")g(1*3digit)208
623 y(ipv6-address)80 b(=)j(hexpart)49 b([)g(":")h(ipv4-address)d(])208
722 y(hexpart)330 b(=)83 b(hexseq)49 b(|)g(\()h([)g(hexseq)e(])i("::")f
([)h(hexseq)e(])i(\))208 822 y(hexseq)380 b(=)83 b(1*4hex)49
b(*\()g(":")h(1*4hex)e(\))0 996 y Ff(The)20 b(format)f(of)h(IPv6)f
(addresses)h(is)h(de\002ned)f(in)g(RFC)i(2373)c([12].)0
1292 y Fc(4.1.9)81 b(REMO)m(TE_HOST)0 1522 y Ff(The)23
b(REMO)m(TE_HOST)g(v)n(ariable)g(contains)g(the)h(fully)f(quali\002ed)g
(domain)f(name)i(of)f(the)h(client)g(sending)f(the)g(request)h(to)g
(the)0 1622 y(serv)o(er)m(,)f(if)i(a)n(v)n(ailable,)f(otherwise)f
(NULL.)g(Fully)h(quali\002ed)f(domain)g(names)g(tak)o(e)h(the)g(form)f
(as)h(described)f(in)h(section)g(3.5)f(of)0 1722 y(RFC)f(1034)c([14])i
(and)f(section)h(2.1)g(of)g(RFC)h(1123)e([4].)24 b(Domain)c(names)f
(are)i(not)e(case)i(sensiti)n(v)o(e.)208 1896 y Fd(REMOTE_HOST)180
b(=)83 b("")49 b(|)h(hostname)e(|)i(hostnumber)208 1996
y(hostname)330 b(=)83 b(*\()49 b(domainlabel)f(".")h(\))h(toplabel)208
2095 y(domainlabel)180 b(=)83 b(alphanum)48 b([)i(*alphahypdigit)d
(alphanum)h(])208 2195 y(toplabel)330 b(=)83 b(alpha)49
b([)g(*alphahypdigit)f(alphanum)g(])208 2295 y(alphahypdigit)80
b(=)j(alphanum)48 b(|)i("-")0 2469 y Ff(The)21 b(serv)o(er)f(SHOULD)i
(set)g(this)g(v)n(ariable.)27 b(If)21 b(the)g(hostname)f(is)i(not)f(a)n
(v)n(ailable)g(for)g(performance)d(reasons)j(or)g(otherwise,)g(the)0
2568 y(serv)o(er)e(MA)-9 b(Y)21 b(substitute)f(the)g(REMO)m(TE_ADDR)g
(v)n(alue.)0 2864 y Fc(4.1.10)81 b(REMO)m(TE_IDENT)0
3095 y Ff(The)21 b(REMO)m(TE_IDENT)f(v)n(ariable)h(MA)-9
b(Y)22 b(be)g(used)f(to)h(pro)o(vides)e(identity)h(information)f
(reported)g(about)h(the)g(connection)f(by)0 3194 y(an)h(RFC)i(1413)d
([17])h(request)f(to)i(the)f(remote)g(agent,)g(if)g(a)n(v)n(ailable.)29
b(The)21 b(serv)o(er)f(may)h(choose)g(not)g(to)g(support)f(this)i
(feature,)f(or)0 3294 y(not)f(to)g(request)g(the)g(data)g(for)g(ef)n
(\002cienc)o(y)e(reasons,)i(or)g(not)g(to)g(return)f(a)n(v)n(ailable)h
(identity)f(data.)25 b(The)20 b(serv)o(er)f(should)208
3468 y Fd(REMOTE_IDENT)80 b(=)j(*TEXT)0 3643 y Ff(The)20
b(data)g(returned)e(may)i(be)g(used)g(for)g(authentication)e(purposes,)
g(b)n(ut)j(the)f(le)n(v)o(el)g(of)g(trust)g(reposed)f(in)h(it)h(should)
e(be)h(minimal.)0 3938 y Fc(4.1.11)81 b(REMO)m(TE_USER)0
4169 y Ff(The)23 b(REMO)m(TE_USER)g(v)n(ariable)f(pro)o(vides)g(a)h
(user)h(identi\002cation)e(string)h(supplied)f(by)h(client)h(as)g(part)
f(of)g(user)g(authentica-)0 4268 y(tion.)208 4443 y Fd(REMOTE_USER)81
b(=)h(*TEXT)0 4617 y Ff(If)17 b(the)g(request)g(required)e(HTTP)i
(Authentication)e([9])i(\(i.e.)g(the)g(A)-5 b(UTH_TYPE)17
b(meta-v)n(ariable)e(is)j(set)g(to)f(`Basic')h(or)f(`Digest'\),)0
4717 y(then)j(the)g(v)n(alue)f(of)h(the)h(REMO)m(TE_USER)e(meta-v)n
(ariable)f(MUST)j(be)f(set)h(to)f(the)g(user)n(-ID)g(supplied.)0
5255 y(Robinson)f(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(14])p eop
%%Page: 15 15
15 14 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(4.1.12)81 b(REQ)o(UEST_METHOD)0
753 y Ff(The)18 b(REQ)o(UEST_METHOD)g(meta-v)n(ariable)f(MUST)i(be)f
(set)i(to)f(the)f(method)g(that)h(should)e(be)i(used)f(by)h(the)f
(script)h(to)g(process)0 853 y(the)28 b(request,)i(as)f(described)e(in)
h(section)g(5.1.1)f(of)h(the)h(HTTP/1.0)e(speci\002cation)h([2])f(and)h
(section)g(5.1.1)f(of)h(the)h(HTTP/1.1)0 953 y(speci\002cation)19
b([8].)208 1144 y Fd(REQUEST_METHOD)180 b(=)82 b(method)208
1243 y(method)580 b(=)82 b("GET")49 b(|)h("POST")f(|)g("HEAD")g(|)h
(extension-method)208 1343 y(extension-method)80 b(=)i("PUT")49
b(|)h("DELETE")e(|)i(token)0 1534 y Ff(The)20 b(method)f(is)i(case)f
(sensiti)n(v)o(e.)25 b(The)20 b(methods)f(are)h(described)f(in)i
(section)e(4.3.)0 1830 y Fc(4.1.13)81 b(SCRIPT_N)n(AME)0
2060 y Ff(The)29 b(SCRIPT_N)m(AME)h(v)n(ariable)f(MUST)h(be)g(set)g(to)
g(a)h(URI)f(path)f(that)h(could)f(identify)g(the)g(CGI)i(script)f
(\(rather)e(then)i(the)0 2160 y(script')-5 b(s)21 b(output\).)i(The)d
(syntax)f(is)i(the)g(same)f(as)h(for)e(P)-8 b(A)f(TH_INFO)20
b(\(section)g(4.1.5\))208 2334 y Fd(SCRIPT_NAME)81 b(=)h("")50
b(|)f(\()h("/")f(path)g(\))0 2508 y Ff(The)21 b(leading)f("/")h(is)h
(not)f(part)f(of)h(the)g(path.)27 b(It)21 b(is)h(optional)e(if)h(the)g
(path)g(is)h(NULL;)f(ho)n(we)n(v)o(er)m(,)d(the)k(v)n(ariable)d(MUST)j
(still)g(be)f(set)0 2608 y(in)f(that)h(case.)0 2782 y(The)26
b(SCRIPT_N)m(AME)f(string)h(forms)f(some)h(leading)f(part)g(of)h(the)g
(path)f(component)f(of)h(the)h(Script-URI)g(deri)n(v)o(ed)e(in)i(some)0
2882 y(implementation)18 b(de\002ned)i(manner)-5 b(.)24
b(No)d(P)-8 b(A)f(TH_INFO)20 b(se)o(gment)f(\(see)i(section)f(4.1.5\))f
(is)i(included)e(in)i(the)g(SCRIPT_N)m(AME)0 2982 y(v)n(alue.)0
3277 y Fc(4.1.14)81 b(SER)-5 b(VER_N)n(AME)0 3508 y Ff(The)21
b(SER)-7 b(VER_N)m(AME)22 b(v)n(ariable)e(MUST)h(be)h(set)g(to)f(name)g
(of)g(the)g(serv)o(er)g(host)g(to)h(which)e(the)i(client)f(request)g
(is)h(directed.)27 b(It)0 3607 y(is)19 b(a)g(case-insensiti)n(v)o(e)e
(hostname)g(or)g(netw)o(ork)g(address.)24 b(It)19 b(forms)e(the)h(host)
g(part)g(of)g(the)g(Script-URI.)f(The)h(syntax)g(for)f(an)h(IPv6)0
3707 y(address)i(in)g(a)h(URI)f(is)i(de\002ned)d(in)h(RFC)i(2373)d
([12].)208 3881 y Fd(SERVER_NAME)81 b(=)h(server-name)208
3981 y(server-name)f(=)h(hostname)49 b(|)g(ipv4-address)f(|)i(\()f("[")
g(ipv6-address)f("]")h(\))0 4155 y Ff(A)18 b(deplo)o(yed)e(serv)o(er)h
(can)h(ha)n(v)o(e)f(more)g(than)g(one)g(possible)h(v)n(alue)f(for)g
(this)h(v)n(ariable,)f(where)h(se)n(v)o(eral)f(HTTP)h(virtual)f(hosts)h
(share)0 4255 y(the)i(same)h(IP)f(address.)25 b(In)20
b(that)g(case,)g(the)g(serv)o(er)g(uses)g(the)h(contents)e(of)h(the)g
(Host)h(header)e(to)h(select)h(the)f(correct)f(virtual)h(host.)0
4551 y Fc(4.1.15)81 b(SER)-5 b(VER_POR)m(T)0 4781 y Ff(The)19
b(SER)-7 b(VER_POR)i(T)20 b(v)n(ariable)e(MUST)h(be)h(set)g(to)f(the)g
(TCP/IP)h(port)f(number)e(on)i(which)f(this)i(request)f(is)h(recei)n(v)
o(ed)d(from)i(the)0 4881 y(client.)25 b(This)20 b(v)n(alue)g(is)h(used)
f(in)g(the)g(port)g(part)g(of)g(the)g(Script-URI.)0 5255
y(Robinson)f(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(15])p eop
%%Page: 16 16
16 15 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)208 523 y Fd(SERVER_PORT)81 b(=)h(server-port)208
623 y(server-port)f(=)h(1*digit)0 797 y Ff(Note)26 b(that)g(this)h(v)n
(ariable)d(MUST)j(be)f(set)g(to)h(the)f(port)f(number)m(,)g(e)n(v)o(en)
g(if)h(the)g(port)g(is)h(the)f(def)o(ault)f(port)g(for)h(the)g(scheme)f
(and)0 897 y(could)19 b(otherwise)h(be)g(omitted)f(from)h(a)g(URI.)0
1192 y Fc(4.1.16)81 b(SER)-5 b(VER_PR)n(O)m(T)o(OCOL)0
1423 y Ff(The)23 b(SER)-7 b(VER_PR)m(O)m(T)o(OCOL)23
b(v)n(ariable)f(MUST)h(be)h(set)g(to)f(the)g(name)g(and)g(re)n(vision)f
(of)h(the)g(application)f(protocol)f(used)i(for)0 1522
y(this)e(CGI)h(request.)k(This)21 b(is)g(not)g(necessarily)f(the)h
(same)g(as)g(the)g(protocol)e(v)o(ersion)g(used)i(by)f(the)h(serv)o(er)
f(in)h(its)h(response)e(to)h(the)0 1622 y(client.)208
1796 y Fd(SERVER_PROTOCOL)179 b(=)83 b(HTTP-Version)48
b(|)h("INCLUDED")f(|)i(extension-version)208 1896 y(HTTP-Version)329
b(=)83 b("HTTP")49 b("/")g(1*digit)g(".")g(1*digit)208
1996 y(extension-version)79 b(=)k(protocol)49 b([)g("/")g(1*digit)g
(".")g(1*digit)g(])208 2095 y(protocol)529 b(=)83 b(token)0
2270 y Ff(`protocol')17 b(is)j(a)f(v)o(ersion)f(of)g(the)h(scheme)g
(part)g(of)f(the)h(Script-URI,)g(and)f(is)i(not)f(case)g(sensiti)n(v)o
(e.)25 b(By)19 b(con)m(v)o(ention,)d(`protocol')h(is)0
2369 y(in)k(upper)e(case.)28 b(The)20 b(protocol)g(may)g(not)g(be)h
(identical)g(to)g(the)g(scheme)f(of)h(the)f(request;)h(for)f(e)o
(xample,)g(the)h(request)f(may)g(ha)n(v)o(e)0 2469 y(scheme)g(`https',)
f(whilst)i(the)f(protocol)e(is)k(`HTTP'.)0 2643 y(A)28
b(well-kno)n(wn)d(v)n(alue)h(for)h(SER)-7 b(VER_PR)m(O)m(TCOL)27
b(which)g(the)g(serv)o(er)f(MA)-9 b(Y)27 b(use)h(is)g(`INCLUDED',)e
(which)g(signals)h(that)0 2743 y(the)21 b(current)e(document)g(is)i
(being)f(included)f(as)i(part)g(of)f(a)h(composite)e(document,)g
(rather)h(than)g(being)g(the)g(direct)g(tar)o(get)g(of)h(the)0
2842 y(client)f(request.)k(The)c(script)h(MA)-9 b(Y)20
b(treat)h(this)f(as)h(an)f(HTTP/1.0)f(request.)0 3017
y(The)h(serv)o(er)f(MUST)i(set)g(this)f(meta-v)n(ariable.)0
3313 y Fc(4.1.17)81 b(SER)-5 b(VER_SOFTW)-10 b(ARE)0
3543 y Ff(The)23 b(SER)-7 b(VER_SOFTW)d(ARE)24 b(meta-v)n(ariable)d
(MUST)i(be)h(set)f(to)h(the)f(name)f(and)h(v)o(ersion)f(of)h(the)g
(information)e(serv)o(er)h(soft-)0 3643 y(w)o(are)c(answering)g(the)g
(request)g(\(and)f(running)g(the)h(gate)n(w)o(ay\).)23
b(It)18 b(SHOULD)h(be)f(the)h(same)f(as)i(the)e(serv)o(er)f
(description)g(reported)0 3742 y(to)j(the)h(client,)f(if)g(an)o(y)-5
b(.)208 3917 y Fd(SERVER_SOFTWARE)80 b(=)j(1*\()49 b(product)f(|)i
(comment)f(\))208 4016 y(product)480 b(=)83 b(token)48
b([)i("/")f(product-version)e(])208 4116 y(product-version)80
b(=)j(token)208 4215 y(comment)480 b(=)83 b("\(")49 b(*\()g(ctext)g(|)h
(comment)e(\))i("\)")208 4315 y(ctext)580 b(=)83 b(<any)49
b(TEXT)g(excluding)f("\(")h(and)g("\)">)0 4611 y Fc(4.1.18)81
b(Pr)o(otocol-Speci\002c)17 b(Meta-V)-8 b(ariables)0
4841 y Ff(The)29 b(serv)o(er)f(SHOULD)h(set)g(meta-v)n(ariables)f
(speci\002c)h(to)g(the)g(protocol)e(and)h(scheme)h(for)f(the)h
(request.)50 b(Interpretation)27 b(of)0 4941 y(protocol-speci\002c)i(v)
n(ariables)h(depends)f(on)i(the)g(protocol)e(v)o(ersion)h(in)h(SER)-7
b(VER_PR)m(O)m(T)o(OCOL.)31 b(The)g(serv)o(er)f(MA)-9
b(Y)31 b(set)h(a)0 5255 y(Robinson)19 b(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(16])p eop
%%Page: 17 17
17 16 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(meta-v)n(ariable)h(with)j(the)f(name)g(of)g(the)
h(scheme)f(to)g(a)h(non-NULL)e(v)n(alue)h(if)g(the)h(scheme)f(is)h(dif)
n(ferent)e(to)h(the)h(protocol.)33 b(The)0 623 y(presence)19
b(of)h(such)g(a)h(v)n(ariable)e(indicates)h(to)g(a)h(script)f(which)f
(scheme)h(is)h(used)f(by)g(the)g(request.)0 797 y(Meta-v)n(ariables)i
(with)h(names)h(be)o(ginning)c(with)k(`HTTP_')e(contain)h(v)n(alues)g
(read)g(from)f(the)h(client)h(request)f(header)f(\002elds,)i(if)0
897 y(the)j(protocol)d(used)j(is)g(HTTP)-9 b(.)26 b(The)g(HTTP)h
(header)e(\002eld)i(name)f(is)h(con)m(v)o(erted)d(to)j(upper)e(case,)j
(has)f(all)g(occurrences)d(of)j("-")0 996 y(replaced)20
b(with)h("_")g(and)g(has)g(`HTTP_')f(prepended)f(to)i(gi)n(v)o(e)f(the)
i(meta-v)n(ariable)d(name.)27 b(The)21 b(header)f(data)h(can)g(be)g
(presented)0 1096 y(as)g(sent)f(by)f(the)h(client,)g(or)f(can)h(be)g
(re)n(written)f(in)h(w)o(ays)g(which)f(do)h(not)f(change)g(its)i
(semantics.)j(If)c(multiple)f(header)g(\002elds)h(with)0
1196 y(the)i(same)g(\002eld-name)e(are)i(recei)n(v)o(ed)f(then)g(the)o
(y)g(the)h(serv)o(er)f(MUST)h(re)n(write)g(them)f(as)i(a)f(v)n(alue)f
(ha)n(ving)g(the)h(same)g(semantics.)0 1295 y(Similarly)-5
b(,)28 b(a)g(header)e(\002eld)i(that)f(is)i(recei)n(v)o(ed)d(on)h(more)
f(than)h(one)g(line)h(must)f(be)g(mer)o(ged)f(onto)g(a)i(single)g
(line.)46 b(The)27 b(serv)o(er)0 1395 y(MUST)-6 b(,)21
b(if)h(necessary)-5 b(,)21 b(change)f(the)i(representation)e(of)h(the)h
(data)f(\(for)g(e)o(xample,)f(the)i(character)e(set\))i(to)g(be)g
(appropriate)d(for)i(a)0 1494 y(CGI)g(meta-v)n(ariable.)0
1669 y(The)j(serv)o(er)f(is)i(not)e(required)g(to)h(create)f(meta-v)n
(ariables)g(for)g(all)h(the)g(headers)g(that)g(it)g(recei)n(v)o(es.)36
b(In)24 b(particular)m(,)f(it)h(SHOULD)0 1768 y(remo)o(v)o(e)h(an)o(y)h
(headers)g(carrying)f(authentication)f(information,)i(such)h(as)g(`)-7
b(Authorization';)28 b(or)e(which)h(are)f(a)n(v)n(ailable)h(to)g(the)0
1868 y(script)21 b(via)g(other)f(v)n(ariables,)h(such)f(as)i
(`Content-Length')c(and)i(`Content-T)-7 b(ype'.)25 b(The)c(serv)o(er)f
(MA)-9 b(Y)22 b(remo)o(v)o(e)d(headers)h(which)0 1968
y(relate)g(solely)g(to)h(client-side)e(communication)f(issues,)i(such)g
(as)h(`Connection'.)0 2280 y Fb(4.2)99 b(Request)26 b(Message-Body)0
2510 y Ff(As)f(there)f(may)g(be)g(a)h(data)g(entity)f(attached)f(to)i
(the)f(request,)h(there)f(MUST)g(be)h(a)g(system)f(de\002ned)g(method)f
(for)h(the)g(script)g(to)0 2610 y(read)c(this)g(data.)25
b(Unless)c(de\002ned)e(otherwise,)g(this)i(will)g(be)f(via)g(the)h
(`standard)d(input')h(\002le)i(descriptor)-5 b(.)0 2784
y(If)31 b(the)f(CONTENT_LENGTH)g(is)h(not)g(NULL,)f(the)h(serv)o(er)f
(MUST)h(mak)o(e)f(at)i(least)f(that)g(man)o(y)e(bytes)i(a)n(v)n
(ailable)f(for)h(the)0 2884 y(script)26 b(to)h(read.)42
b(The)26 b(script)g(is)h(not)f(obliged)f(to)h(read)g(the)g(data.)43
b(The)26 b(serv)o(er)f(MA)-9 b(Y)27 b(signal)f(an)g(end-of-\002le)e
(condition)h(after)0 2984 y(CONTENT_LENGTH)15 b(bytes)i(ha)n(v)o(e)g
(been)f(read,)h(b)n(ut)g(is)h(not)f(obliged)e(to)j(do)e(so.)24
b(Therefore,)16 b(the)h(script)g(MUST)g(NO)m(T)g(attempt)0
3083 y(to)j(read)g(more)f(than)h(CONTENT_LENGTH)f(bytes,)g(e)n(v)o(en)h
(if)g(more)g(data)g(is)h(a)n(v)n(ailable.)0 3258 y(F)o(or)g(non-parsed)
f(header)g(\(NPH\))i(scripts)g(\(section)f(5\),)h(the)g(serv)o(er)f
(SHOULD)h(attempt)f(to)h(ensure)f(that)h(the)g(data)g(supplied)e(to)0
3357 y(the)g(script)g(is)i(precisely)d(as)i(supplied)e(to)h(by)g(the)g
(client)h(and)e(is)i(unaltered)e(by)h(the)g(serv)o(er)-5
b(.)0 3532 y(F)o(or)26 b(a)h(re)o(gular)e(parsed-header)e(script,)28
b(the)e(serv)o(er)g(MUST)g(remo)o(v)o(e)f(an)o(y)g(transfer)n(-codings)
f(from)h(the)i(message-body)c(\(and)0 3631 y(re-caclcuate)c(the)h
(CONTENT_LENGTH\),)e(and)i(it)h(MA)-9 b(Y)20 b(remo)o(v)o(e)f(an)o(y)g
(content-codings.)0 3944 y Fb(4.3)99 b(Request)26 b(Methods)0
4174 y Ff(The)f(Request)g(Method,)g(as)g(supplied)f(in)h(the)g(REQ)o
(UEST_METHOD)f(meta-v)n(ariable,)g(identi\002es)h(the)g(processing)f
(method)0 4274 y(to)d(be)g(applied)f(by)g(the)h(script)g(in)g
(producing)e(a)i(response.)26 b(The)21 b(script)g(author)e(can)i
(choose)f(to)h(implement)f(the)h(methods)f(most)0 4373
y(appropriate)27 b(for)h(the)h(particular)e(application.)50
b(If)28 b(the)h(script)g(recei)n(v)o(es)f(a)i(request)e(with)h(a)g
(method)f(it)h(does)g(not)f(support)g(it)0 4473 y(SHOULD)20
b(reject)h(it)f(with)h(an)f(error)f(\(see)h(section)g(6.3.3\).)0
5255 y(Robinson)f(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(17])p eop
%%Page: 18 18
18 17 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(4.3.1)81 b(GET)0 753 y Ff(The)21
b(GET)g(method)f(method)g(indicates)h(that)h(the)f(script)g(should)f
(produce)g(a)i(document)d(based)i(on)g(the)g(meta-v)n(ariable)e(v)n
(alues.)0 853 y(By)f(con)m(v)o(ention,)d(the)j(GET)g(method)f(is)i
(`safe')e(and)h(`idempotent')d(and)i(SHOULD)i(NO)m(T)e(ha)n(v)o(e)h
(the)g(the)g(signi\002cance)f(of)g(taking)0 953 y(an)j(action)g(other)f
(than)h(producing)d(a)k(document.)0 1127 y(The)f(meaning)f(of)g(the)i
(GET)f(method)f(may)g(be)h(modi\002ed)f(and)h(re\002ned)f(by)h
(protocol-speci\002c)e(meta-v)n(ariables.)0 1423 y Fc(4.3.2)81
b(POST)0 1653 y Ff(The)22 b(POST)g(method)e(is)j(used)f(to)g(request)f
(the)h(script)g(perform)e(processing)g(and)i(produce)e(a)i(document)e
(based)h(on)h(the)g(data)f(in)0 1753 y(the)f(request)f(message)h(body)
-5 b(,)18 b(in)i(addition)f(to)h(meta-v)n(ariable)e(v)n(alues.)25
b(A)20 b(common)e(use)j(is)g(form)e(submission)g(in)h(HTML)g([15],)0
1852 y(intended)f(to)h(initate)g(processing)f(by)h(the)g(script)g(that)
h(has)f(a)h(permanent)d(af)n(fect,)h(such)h(a)h(change)e(in)h(a)h
(database.)0 2027 y(The)29 b(script)h(MUST)g(check)e(the)i(v)n(alue)f
(of)g(the)h(CONTENT_LENGTH)e(v)n(ariable)g(before)g(reading)g(the)i
(attached)f(message)0 2126 y(body)-5 b(,)18 b(and)i(SHOULD)g(check)g
(the)g(CONTENT_TYPE)f(v)n(alue)g(before)g(processing)g(it.)0
2422 y Fc(4.3.3)81 b(HEAD)0 2653 y Ff(The)20 b(HEAD)g(method)e
(requests)i(the)g(script)f(to)h(do)g(the)g(suf)n(\002cient)f
(processing)g(to)h(return)f(the)g(response)g(header)g(\002elds,)h
(without)0 2752 y(pro)o(viding)29 b(a)j(response)e(message)i(body)-5
b(.)57 b(The)31 b(script)h(MUST)g(NO)m(T)f(pro)o(vide)e(a)j(response)f
(message)g(body)g(for)f(a)i(HEAD)0 2852 y(request.)24
b(If)19 b(it,)h(does)f(conformance)e(to)i(the)h(HTTP)f(standard)f(w)o
(ould)h(REQ)o(UIRE)h(a)f(serv)o(er)g(to)h(remo)o(v)o(e)d(the)i
(response)g(message)0 2951 y(body)g(when)g(returning)f(the)j(request)e
(to)i(the)f(client.)0 3247 y Fc(4.3.4)81 b(Pr)o(otocol-Speci\002c)18
b(Methods)0 3478 y Ff(The)28 b(script)g(MA)-9 b(Y)29
b(implement)e(an)o(y)g(protocol-speci\002c)f(method,)i(such)g(as)h
(HTTP/1.1)e(PUT)i(and)e(DELETE;)g(it)i(SHOULD)0 3577
y(check)19 b(the)i(v)n(alue)e(for)h(SER)-7 b(VER_PR)m(O)m(T)o(OCOL)20
b(when)f(doing)g(so.)0 3752 y(The)29 b(serv)o(er)g(MA)-9
b(Y)30 b(decide)f(that)h(some)f(methods)g(are)g(not)g(appropriate)f(or)
h(permitted)f(for)h(a)h(script,)i(and)d(may)g(handle)g(the)0
3851 y(methods)19 b(itself)i(or)f(return)f(an)h(error)f(to)h(the)h
(client.)0 4164 y Fb(4.4)99 b(The)26 b(Script)g(Command)f(Line)0
4394 y Ff(Some)17 b(systems)i(support)d(a)i(method)f(for)g(supplying)f
(an)h(array)g(of)h(strings)g(to)g(the)f(CGI)i(script.)24
b(This)18 b(is)g(only)f(used)h(in)g(the)g(case)g(of)0
4494 y(an)f(`inde)o(x)o(ed')d(HTTP)j(query)-5 b(.)22
b(This)17 b(is)h(identi\002ed)e(by)h(a)g(`GET')f(or)h(`HEAD')f(request)
h(with)g(a)g(URI)h(query)d(string)i(not)f(containing)0
4593 y(an)o(y)24 b(unencoded)d("=")k(characters.)36 b(F)o(or)24
b(such)g(a)h(request,)f(the)h(serv)o(er)e(SHOULD)i(treat)f(the)h
(query-string)c(as)k(a)g(search-string)0 4693 y(and)20
b(parse)g(it)g(into)g(w)o(ords,)g(using)g(the)g(rules)208
4867 y Fd(search-string)80 b(=)j(search-word)48 b(*\()h("+")g
(search-word)f(\))208 4967 y(search-word)180 b(=)83 b(1*schar)0
5255 y Ff(Robinson)19 b(&)h(Coar)1009 b(Expires)19 b(15)h(October)f
(2003)1008 b([P)o(age)19 b(18])p eop
%%Page: 19 19
19 18 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)208 523 y Fd(schar)480 b(=)83 b(unreserved)48
b(|)i(escape)e(|)i(xreserved)208 623 y(xreserved)280
b(=)83 b(";")49 b(|)h("/")f(|)h("?")f(|)h(":")f(|)h("@")f(|)g("&")h(|)f
("=")h(|)f(",")g(|)1071 722 y("$")0 897 y Ff(After)20
b(parsing,)e(each)i(search-w)o(ord)e(is)j(URL-decoded,)c(optionally)i
(encoded)f(in)i(a)g(system)g(de\002ned)f(manner)g(and)g(then)h(added)0
996 y(to)g(the)h(ar)o(gument)c(list.)0 1171 y(If)22 b(the)g(serv)o(er)f
(cannot)g(create)h(an)o(y)f(part)h(of)f(the)i(ar)o(gument)c(list,)24
b(then)d(the)h(serv)o(er)f(MUST)i(NO)m(T)e(generate)g(an)o(y)g(command)
f(line)0 1270 y(information.)33 b(F)o(or)23 b(e)o(xample,)f(the)i
(number)e(of)h(ar)o(guments)e(may)j(be)f(greater)g(than)g(operating)e
(system)j(or)f(serv)o(er)g(limitations,)0 1370 y(or)d(one)g(of)f(the)i
(w)o(ords)f(may)f(not)h(be)g(representable)f(as)h(an)h(ar)o(gument.)0
1544 y(The)34 b(script)f(SHOULD)h(check)g(to)g(see)g(if)g(the)g(Q)o
(UER)-5 b(Y_STRING)33 b(v)n(alue)h(contains)f(an)h(unencoded)d("=")j
(character)m(,)h(and)0 1644 y(SHOULD)20 b(NO)m(T)g(use)h(the)f(command)
e(line)j(ar)o(guments)d(if)i(it)h(does.)0 1999 y Fe(5)119
b(NPH)31 b(Scripts)0 2276 y Fb(5.1)99 b(Indenti\002cation)0
2506 y Ff(The)26 b(serv)o(er)f(MA)-9 b(Y)26 b(support)f(NPH)h(\(Non-P)o
(arsed)e(Header\))h(scripts;)k(these)d(are)g(scripts)g(to)g(which)g
(the)g(serv)o(er)f(passes)h(all)h(re-)0 2606 y(sponsbility)19
b(for)h(response)f(processing.)0 2780 y(This)i(speci\002cation)g(pro)o
(vides)e(no)i(mechanism)e(for)i(an)g(NPH)h(script)f(to)g(be)g
(identi\002ed)f(on)h(the)g(basis)h(of)f(its)h(output)d(data)i(alone.)0
2880 y(By)g(con)m(v)o(ention,)d(therefore,)h(an)o(y)h(particular)g
(script)h(can)f(only)g(e)n(v)o(er)g(pro)o(vide)f(output)h(of)h(one)f
(type)g(\(NPH)h(or)g(CGI\))g(and)f(hence)0 2979 y(the)25
b(script)g(itself)g(is)h(described)d(as)j(an)e(`NPH)h(script'.)39
b(A)25 b(serv)o(er)f(with)h(NPH)g(support)f(MUST)h(pro)o(vide)e(an)h
(implemenation-)0 3079 y(de\002ned)19 b(mechanism)g(for)h(identifying)e
(NPH)j(scripts,)f(perhaps)f(based)h(on)f(the)i(name)e(or)h(location)f
(of)h(the)g(script.)0 3391 y Fb(5.2)99 b(NPH)24 b(Response)0
3622 y Ff(There)e(MUST)i(be)f(a)h(system)f(de\002ned)f(method)g(for)h
(the)g(script)g(to)h(send)f(data)g(back)f(to)i(the)f(serv)o(er)g(or)g
(client;)h(a)g(script)f(MUST)0 3721 y(al)o(w)o(ays)e(return)e(some)h
(data.)k(Unless)d(de\002ned)e(otherwise,)h(this)g(will)h(be)f(the)h
(same)f(as)h(for)e(con)m(v)o(entional)f(CGI)i(scripts.)0
3896 y(Currently)-5 b(,)14 b(NPH)i(scripts)g(are)f(only)g(de\002ned)f
(for)h(HTTP)g(client)h(requests.)23 b(An)15 b(\(HTTP\))g(NPH)h(script)f
(MUST)h(return)e(a)i(complete)0 3995 y(HTTP)g(response)f(message,)h(as)
h(described)d(in)i(section)f(6)h(of)g(the)g(HTTP)g(speci\002cations)f
([2],)h([8],)f(as)i(re)n(vised)e(from)g(time)h(to)g(time.)0
4095 y(The)22 b(script)h(MUST)g(use)g(the)f(SER)-7 b(VER_PR)m(O)m(T)o
(OCOL)23 b(v)n(ariable)e(to)i(determine)e(the)i(appropriate)d(format)i
(for)g(a)h(response.)31 b(It)0 4194 y(MUST)21 b(also)g(tak)o(e)g
(account)f(of)g(an)o(y)h(generic)e(or)i(protocol-speci\002c)d(meta-v)n
(ariables)i(in)h(the)f(request)h(as)g(might)g(be)f(manadated)0
4294 y(by)g(the)g(particular)f(protocol)f(speci\002cation.)0
4468 y(The)g(serv)o(er)g(MUST)h(ensure)f(that)h(the)g(script)g(output)e
(is)j(sent)f(to)g(the)g(client)g(unmodi\002ed.)j(Note)d(that)g(this)g
(requires)f(the)h(script)f(to)0 4568 y(use)24 b(correct)e(character)h
(set)h(\(US-ASCII)f([20])g(and)g(ISO-Latin-1)f([21])g(for)h(HTTP\))h
(in)g(the)f(headers.)34 b(The)24 b(serv)o(er)e(SHOULD)0
4668 y(attempt)d(to)h(ensure)f(that)h(the)f(script)h(output)e(is)j
(sent)f(directly)f(to)h(the)f(client,)h(with)g(minimal)f(internal)f
(and)i(no)f(transport-visible)0 4767 y(b)n(uf)n(fering.)0
4942 y(Unless)26 b(the)g(implementation)e(de\002nes)h(otherwise,)h(the)
g(script)g(MUST)g(NO)m(T)g(indicate)f(in)h(its)g(response)f(that)h(the)
g(client)g(can)0 5255 y(Robinson)19 b(&)h(Coar)1009 b(Expires)19
b(15)h(October)f(2003)1008 b([P)o(age)19 b(19])p eop
%%Page: 20 20
20 19 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(send)g(further)f(requests)g(o)o(v)o(er)g(the)h
(same)h(connection.)0 878 y Fe(6)119 b(CGI)30 b(Response)0
1155 y Fb(6.1)99 b(Response)26 b(Handling)0 1385 y Ff(A)e(script)f
(MUST)h(al)o(w)o(ays)f(pro)o(vide)f(a)i(non-empty)c(response,)j(and)g
(so)h(there)e(MUST)i(be)f(a)h(system)f(de\002ned)g(method)f(for)g(it)i
(to)0 1485 y(send)j(this)h(data)f(back)f(to)h(the)h(serv)o(er)e(or)h
(client.)46 b(Unless)27 b(de\002ned)g(otherwise,)h(this)f(will)h(be)f
(via)g(the)h(`standard)d(output')h(\002le)0 1584 y(descriptor)-5
b(.)0 1759 y(The)27 b(script)h(MUST)g(check)f(the)h(REQ)o(UEST_METHOD)f
(v)n(ariable)g(when)g(processing)f(the)i(request)f(and)g(preparing)f
(its)j(re-)0 1858 y(sponse.)0 2033 y(The)f(serv)o(er)g(MA)-9
b(Y)30 b(implement)d(a)i(timeout)f(period)g(within)g(which)g(data)h
(must)g(be)f(recei)n(v)o(ed)g(from)f(the)i(script.)51
b(If)28 b(a)h(serv)o(er)0 2132 y(implementation)24 b(de\002nes)i(such)h
(a)g(timeout)e(and)h(recei)n(v)o(es)g(no)g(data)g(from)g(a)h(script)f
(within)g(the)h(timeout)e(period,)i(the)f(serv)o(er)0
2232 y(MA)-9 b(Y)21 b(terminate)e(the)h(script)g(process.)0
2544 y Fb(6.2)99 b(Response)26 b(T)-7 b(ypes)0 2775 y
Ff(The)20 b(response)f(comprises)h(a)g(header)f(and)h(a)g(body)-5
b(,)19 b(separated)g(by)h(a)g(blank)f(line.)25 b(The)20
b(body)f(may)h(be)g(NULL.)208 2949 y Fd(generic-response)80
b(=)i(1*header-field)48 b(NL)h([Entity-Body])0 3123 y
Ff(The)27 b(script)g(MUST)g(return)f(one)g(of)h(either)g(a)g(document)e
(response,)j(a)f(local)g(redirect)f(response)g(or)h(a)h(client)f
(redirect)f(\(with)0 3223 y(optional)g(document\))e(response.)45
b(In)27 b(the)g(repsonse)f(de\002nitions)g(belo)n(w)-5
b(,)27 b(the)g(order)f(of)h(header)f(\002elds)h(in)g(a)h(response)e(is)
i(not)0 3323 y(sign\002cant)20 b(\(despite)f(appearing)f(so)j(in)f(the)
g(BNF\).)h(The)f(header)f(\002elds)i(are)f(de\002ned)f(in)h(section)g
(6.3.)208 3497 y Fd(CGI-Response)80 b(=)j(document-response)47
b(|)i(local-redir-response)e(|)1021 3597 y(client-redir-response)f(|)k
(client-redirdoc-response)0 3892 y Fc(6.2.1)81 b(Document)20
b(Response)0 4123 y Ff(The)i(CGI)g(script)g(can)g(return)f(a)h
(document)e(to)i(the)g(user)g(in)g(a)h(document)d(response,)h(with)h
(an)g(optional)f(error)g(code)g(indicating)0 4222 y(the)f(success)h
(status)g(of)f(the)g(response.)208 4397 y Fd(document-response)79
b(=)k(Content-Type)48 b([)h(Status)g(])h(*other-field)d(NL)1270
4496 y(Entity-Body)0 4671 y Ff(The)25 b(script)h(MUST)g(return)e(a)i
(Content-T)-7 b(ype)24 b(header)g(\002eld.)42 b(A)26
b(Status)g(header)e(\002eld)i(is)h(optional,)e(and)g(status)i(200)d
(`OK')i(is)0 4770 y(assumed)21 b(if)i(it)f(is)h(ommitted.)29
b(The)22 b(serv)o(er)f(MUST)h(mak)o(e)f(an)o(y)g(appropriate)f
(modi\002cations)g(to)i(the)g(script')-5 b(s)23 b(output)d(to)i(ensure)
0 4870 y(that)e(the)g(response)g(to)g(the)g(client)h(complies)e(with)h
(the)h(response)e(protocol)f(v)o(ersion.)0 5255 y(Robinson)h(&)h(Coar)
1009 b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(20])p eop
%%Page: 21 21
21 20 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(6.2.2)81 b(Local)20 b(Redir)o(ect)g(Response)
0 753 y Ff(The)30 b(CGI)i(script)f(can)f(return)g(a)h(URI)g(path)g(and)
f(query-string)e(\(`local-pathquery'\))e(for)k(a)h(local)g(resource)f
(in)h(a)g(Location)0 853 y(header)-5 b(.)24 b(This)d(indicates)e(to)i
(the)f(serv)o(er)f(that)i(it)g(should)e(re-process)g(the)h(request)f
(using)h(the)g(path)g(speci\002ed.)208 1027 y Fd(local-redir-response)
79 b(=)k(local-Location)47 b(NL)0 1202 y Ff(The)19 b(script)g(MUST)g
(NO)m(T)h(return)e(an)o(y)g(other)g(head)h(\002elds)g(or)g(an)h(entity)
e(body)-5 b(,)18 b(and)g(the)i(serv)o(er)e(MUST)h(generate)f(the)i
(response)0 1301 y(that)g(it)h(w)o(ould)f(ha)n(v)o(e)f(produced)f(in)i
(response)g(to)g(a)h(request)e(containing)f(the)j(URL)208
1542 y Fd(scheme)48 b("://")h(server-name)f(":")h(server-port)f
(local-pathquery)0 1838 y Fc(6.2.3)81 b(Client)21 b(Redir)o(ect)e
(Response)0 2068 y Ff(The)31 b(CGI)h(script)f(can)g(return)f(an)h
(absolute)g(URI)h(path)f(in)g(a)h(Location)e(header)m(,)i(to)f
(indicate)g(to)h(the)f(client)g(that)h(it)g(should)0
2168 y(re-process)19 b(the)h(request)g(using)f(the)h(URI)h
(speci\002ed.)208 2342 y Fd(client-redir-response)79
b(=)j(client-Location)48 b(*other-field)f(NL)0 2517 y
Ff(The)23 b(script)h(MUST)f(not)h(pro)o(vide)d(an)o(y)i(other)f(header)
h(\002elds.)35 b(F)o(or)23 b(an)h(HTTP)f(client)h(request,)f(the)h
(serv)o(er)e(MUST)i(generate)e(a)0 2616 y(302)d(`F)o(ound')f(HTTP)j
(response)e(message.)0 2912 y Fc(6.2.4)81 b(Client)21
b(Redir)o(ect)e(Response)i(with)g(Document)0 3142 y Ff(The)29
b(CGI)h(script)f(can)g(return)f(an)i(absolute)e(URI)i(path)f(in)g(a)h
(Location)e(header)g(together)g(with)h(an)h(attached)e(document,)h(to)0
3242 y(indicate)20 b(to)g(the)g(client)g(that)h(it)g(should)e
(re-process)g(the)h(request)f(using)h(the)g(URI)h(speci\002ed.)208
3416 y Fd(client-redirdoc-response)78 b(=)83 b(client-Location)47
b(Status)i(Content-Type)1619 3516 y(*other-field)f(NL)h(Entity-Body)0
3690 y Ff(The)22 b(Status)h(header)e(\002eld)i(MUST)g(be)f(supplied)g
(and)f(MUST)i(contain)f(a)g(status)i(v)n(alue)d(of)i(302)e(`F)o(ound'.)
30 b(The)22 b(serv)o(er)f(MUST)0 3790 y(mak)o(e)i(an)o(y)g(appropriate)
f(modi\002cations)g(to)i(the)g(script')-5 b(s)24 b(output)f(to)h
(ensure)f(that)h(the)g(response)f(to)h(the)f(client)h(complies)f(with)0
3890 y(the)d(response)f(protocol)g(v)o(ersion.)0 4202
y Fb(6.3)99 b(Response)26 b(Header)f(Fields)0 4432 y
Ff(The)i(header)f(\002elds)h(are)g(either)g(CGI)h(or)e(e)o(xtension)g
(header)g(\002elds)h(to)h(be)f(interpreted)e(by)i(the)g(serv)o(er)m(,)g
(or)g(protocol-speci\002c)0 4532 y(headers)c(to)i(be)f(included)f(in)h
(the)g(response)f(returned)g(to)h(the)g(client.)37 b(At)25
b(least)g(one)f(CGI)g(\002eld)h(MUST)f(be)g(supplied,)g(and)g(no)0
4632 y(CGI)d(\002eld)f(can)g(be)g(used)g(more)f(than)h(once)g(in)g(a)h
(response.)j(The)c(response)f(headers)g(ha)n(v)o(e)h(the)g(syntax:)208
4806 y Fd(header-field)230 b(=)83 b(CGI-field)48 b(|)h(other-field)208
4906 y(CGI-field)380 b(=)83 b(Content-Type)47 b(|)j(Location)e(|)i
(Status)208 5005 y(other-field)280 b(=)83 b(protocol-field)47
b(|)i(extension-field)0 5255 y Ff(Robinson)19 b(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(21])p eop
%%Page: 22 22
22 21 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)208 523 y Fd(protocol-field)130 b(=)83
b(generic-field)208 623 y(extension-field)d(=)j(generic-field)208
722 y(generic-field)180 b(=)83 b(field-name)48 b(":")h([)g(field-value)
f(])i(NL)208 822 y(field-name)330 b(=)83 b(token)208
922 y(field-value)280 b(=)83 b(*\()49 b(field-content)e(|)j(LWSP)f(\))
208 1021 y(field-content)180 b(=)83 b(*\()49 b(token)g(|)h(separator)e
(|)h(quoted-string)f(\))0 1196 y Ff(The)24 b(\002eld-name)f(is)i(not)f
(case)h(sensiti)n(v)o(e.)37 b(A)25 b(NULL)f(\002eld)g(v)n(alue)g(is)h
(equi)n(v)n(alent)e(to)h(a)h(\002eld)f(not)g(being)g(sent.)37
b(Note)25 b(that)f(each)0 1295 y(header)19 b(\002eld)i(in)f(a)h
(CGI-Response)f(MUST)h(be)f(speci\002ed)g(on)g(a)h(single)f(line;)h
(CGI/1.1)f(does)g(not)g(support)f(continuation)f(lines.)0
1395 y(Whitespace)i(is)g(permitted)f(between)g(the)h(":")g(and)f(the)h
(\002eld-v)n(alue)e(\(b)n(ut)i(not)f(between)g(the)h(\002eld-name)e
(and)i(the)f(":"\),)h(and)f(also)0 1494 y(between)g(tok)o(ens)h(in)g
(the)h(\002eld-v)n(alue.)0 1790 y Fc(6.3.1)81 b(Content-T)-6
b(ype)0 2021 y Ff(The)25 b(Content-T)-7 b(ype)23 b(response)g(\002eld)j
(sets)f(Internet)f(Media)h(T)-7 b(ype)24 b([10])g(of)g(the)h(entity)g
(body)-5 b(,)24 b(which)g(SHOULD)h(be)g(sent)g(un-)0
2120 y(modi\002ed)19 b(to)h(the)h(client,)f(e)o(xcept)f(for)g(an)o(y)h
(required)e(transfer)n(-codings)g(or)i(content-codings.)208
2295 y Fd(Content-Type)80 b(=)j("Content-Type:")47 b(media-type)h(NL)0
2469 y Ff(If)22 b(a)h(entity)f(body)f(is)i(returned,)e(the)h(script)h
(MUST)f(supply)g(a)g(Content-T)-7 b(ype)21 b(\002eld)h(in)h(the)f
(response.)31 b(If)22 b(it)h(f)o(ails)g(to)g(do)f(so,)h(the)0
2568 y(serv)o(er)i(SHOULD)h(NO)m(T)f(attempt)h(to)g(determine)e(the)i
(correct)e(content)h(type.)41 b(This)26 b(\002eld)g(MUST)g(NO)m(T)g
(appear)e(more)h(than)0 2668 y(once)20 b(in)g(the)g(repsonse.)0
2842 y(Unless)e(it)f(is)i(otherwise)d(system-de\002ned,)g(the)h(def)o
(ault)f(charset)h(assumed)g(by)f(the)h(client)g(for)g(te)o(xt)g
(media-types)e(is)j(ISO-8859-1)0 2942 y(if)25 b(the)g(protocol)e(is)i
(HTTP)g(and)f(US-ASCII)h(otherwise.)37 b(Hence)25 b(the)f(script)h
(SHOULD)g(include)e(a)j(charset)e(parameter)-5 b(.)37
b(See)0 3042 y(section)20 b(3.4.1)f(of)h(the)g(HTTP/1.1)f
(speci\002cation)g([8])h(for)g(a)g(discussion)g(of)g(this.)0
3337 y Fc(6.3.2)81 b(Location)0 3568 y Ff(The)26 b(Location)f(header)g
(\002eld)i(is)g(used)f(to)h(specify)e(to)i(the)f(serv)o(er)g(that)g
(the)h(script)f(is)h(returning)e(a)i(reference)d(to)j(a)g(document)0
3667 y(rather)22 b(than)g(an)g(actual)h(document.)30
b(It)23 b(is)g(either)f(an)h(absolute)f(URI)h(\(with)f(fragment\),)f
(indicating)g(that)i(the)f(client)h(is)g(to)g(fetch)0
3767 y(the)h(referenced)e(document,)h(or)h(a)g(local)h(path)e(\(with)h
(query)f(string\),)h(indicating)f(that)h(the)g(serv)o(er)g(is)h(to)f
(fetch)g(the)g(referenced)0 3867 y(document.)208 4041
y Fd(Location)430 b(=)83 b(local-Location)47 b(|)i(client-Location)208
4141 y(client-Location)80 b(=)j("Location:")47 b(fragment-URI)h(NL)208
4240 y(local-Location)130 b(=)83 b("Location:")47 b(local-pathquery)g
(NL)208 4340 y(fragment-URI)230 b(=)83 b(absoluteURI)47
b([)j(#)g(fragment)e(])208 4440 y(fragment)430 b(=)83
b(*uric)208 4539 y(local-pathquery)d(=)j(abs-path)48
b([)i("?")f(query-string)e(])0 4714 y Ff(The)24 b(syntax)g(of)g(an)g
(absoluteURI)g(is)h(incorporated)d(into)i(this)h(document)d(from)i
(that)g(speci\002ed)g(in)h(RFC)g(2396)e([3])h(and)g(RFC)0
4813 y(2732)h([11].)44 b(The)26 b(tw)o(o)h(forms)f(can)h(be)f
(distingished)g(as)h(a)g(local-pathquery)d(must)i(start)i(with)f(a)g
("/")g(character)m(,)f(whereas)h(an)0 4913 y(absoluteURI)19
b(must)i(start)f(with)h(a)f(scheme;)g(scheme)g(names)g(cannot)f
(contain)g("/")i(characters.)0 5255 y(Robinson)e(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(22])p eop
%%Page: 23 23
23 22 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(Note)28 b(that)h(an)o(y)e(message)i(body)e
(attached)g(to)i(the)f(request)g(\(such)g(as)h(for)f(a)g(POST)h
(request\))f(may)g(not)g(be)g(a)n(v)n(ailable)g(to)h(the)0
623 y(resource)19 b(that)h(is)h(the)g(tar)o(get)e(of)h(the)g(redirect.)
k(This)c(\002eld)h(MUST)f(NO)m(T)g(appear)f(more)h(than)f(once)h(in)g
(the)g(repsonse.)0 918 y Fc(6.3.3)81 b(Status)0 1149
y Ff(The)26 b(Status)i(header)d(\002eld)i(is)g(used)g(to)g(indicate)f
(to)g(the)h(serv)o(er)f(what)h(status)g(code)f(the)h(serv)o(er)e(MUST)i
(use)g(in)g(the)g(response)0 1248 y(message.)208 1423
y Fd(Status)430 b(=)83 b("Status:")48 b(status-code)g(SP)h
(reason-phrase)f(NL)208 1522 y(status-code)180 b(=)83
b(200)49 b(|)h(302)f(|)h(400)f(|)h(501)f(|)h(3digit)208
1622 y(reason-phrase)80 b(=)j(*TEXT)0 1796 y Ff(Status)24
b(code)g(200)f(`OK')g(indicates)h(success,)h(and)e(is)i(the)f(def)o
(ault)f(v)n(alue)h(assumed)f(for)g(a)i(document)d(response.)35
b(Status)24 b(code)0 1896 y(302)e(`F)o(ound')g(is)i(used)f(with)h(a)g
(Location)e(header)n(-\002eld)f(and)i(response)g(entity)g(body)-5
b(.)32 b(Status)24 b(code)f(400)g(`Bad)g(Request')g(may)0
1996 y(be)e(used)g(for)g(an)g(unkno)n(wn)e(request)h(format,)g(such)h
(as)h(a)g(missing)f(CO)m(TENT_TYPE.)f(Status)h(code)g(501)f(`Not)h
(Implemented')0 2095 y(may)f(be)g(returned)e(by)i(a)h(script)f(if)g(it)
h(recei)n(v)o(es)f(an)g(unsupported)d(REQ)o(UEST_METHOD.)0
2270 y(Other)22 b(v)n(alid)h(status)g(codes)g(are)f(listed)i(in)f
(section)f(6.1.1)g(of)g(the)h(HTTP)g(speci\002cations)f([2],)h([8],)f
(and)h(also)g(the)g(IAN)m(A)f(HTTP)0 2369 y(Status)e(Code)e(Re)o
(gistry)h([18],)f(and)g(can)h(be)g(used)g(in)g(addition)f(to)h(or)g
(instead)g(of)f(the)h(ones)g(listed)h(abo)o(v)o(e.)j(The)18
b(script)h(SHOULD)0 2469 y(check)g(the)i(v)n(alue)e(of)h(SER)-7
b(VER_PR)m(O)m(T)o(OCOL)20 b(before)f(using)g(HTTP/1.1)h(status)g
(codes.)0 2643 y(Note)c(that)g(returning)d(an)j(error)f(status)h(code)f
(does)h(not)f(ha)n(v)o(e)h(to)f(mean)h(an)f(error)g(condition)f(with)i
(the)g(script)g(itself.)24 b(F)o(or)15 b(e)o(xample,)0
2743 y(a)25 b(script)g(that)g(is)h(in)m(v)n(ok)o(ed)d(as)j(an)f(error)e
(handler)h(by)g(the)h(serv)o(er)f(should)g(return)g(the)h(code)f
(appropriate)e(to)j(the)g(serv)o(er')-5 b(s)25 b(error)0
2842 y(condition.)e(This)e(\002eld)f(MUST)g(NO)m(T)g(appear)f(more)h
(than)f(once)h(in)g(the)g(repsonse.)0 3017 y(The)g(reason-phrase)e(is)j
(a)f(te)o(xtual)g(description)f(of)g(the)i(error)e(to)h(be)g(returned)f
(to)h(the)g(client)g(for)g(human)f(consumption.)0 3313
y Fc(6.3.4)81 b(Pr)o(otocol-Speci\002c)18 b(Header)h(Fields)0
3543 y Ff(The)k(script)g(MA)-9 b(Y)23 b(return)f(an)o(y)g(other)g
(headers)g(that)h(relate)g(to)g(the)g(response)f(message)h(de\002ned)f
(by)g(the)h(speci\002cation)f(for)h(the)0 3643 y(SER)-7
b(VER_PR)m(O)m(T)o(OCOL)26 b(\(HTTP/1.0)g([2])g(or)g(HTTP/1.1)g([8]\).)
43 b(The)26 b(serv)o(er)g(MUST)h(translate)f(the)h(header)e(data)i
(from)f(the)0 3742 y(CGI)g(header)e(syntax)h(to)h(the)g(HTTP)f(header)g
(syntax)g(if)g(these)h(dif)n(fer)-5 b(.)41 b(F)o(or)25
b(e)o(xample,)g(the)h(character)e(sequence)g(for)h(ne)n(wline)0
3842 y(\(such)c(as)i(UNIX')-5 b(s)22 b(US-ASCII)g(LF\))g(used)g(by)f
(CGI)i(scripts)f(may)f(not)h(be)g(the)g(same)g(as)g(that)g(used)g(by)g
(HTTP)g(\(US-ASCII)f(CR)0 3941 y(follo)n(wed)e(by)h(LF\).)0
4116 y(The)26 b(script)g(MUST)g(NO)m(T)f(return)g(an)o(y)g(header)g
(\002elds)i(that)f(relate)f(to)i(client-side)e(communcation)e(issues)k
(and)e(could)g(af)n(fect)0 4215 y(the)h(serv)o(er')-5
b(s)26 b(ability)f(to)h(send)g(the)g(response)f(to)h(the)g(client.)43
b(The)25 b(serv)o(er)h(MA)-9 b(Y)26 b(remo)o(v)o(e)e(an)o(y)h(such)h
(header)f(\002elds)h(returned)0 4315 y(by)c(the)g(client.)30
b(It)22 b(SHOULD)g(resolv)o(e)f(an)o(y)g(con\003icts)h(between)f
(headers)g(returned)g(by)g(the)h(script)g(and)f(headers)h(that)g(it)g
(w)o(ould)0 4415 y(otherwise)e(send)f(itself.)0 5255
y(Robinson)g(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(23])p eop
%%Page: 24 24
24 23 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(6.3.5)81 b(Extension)20 b(Header)g(Fields)0
753 y Ff(The)f(serv)o(er)f(may)h(de\002ne)f(additional)g
(implementation-speci\002c)e(CGI)k(header)e(\002elds,)h(whoses)g
(\002eld)h(names)e(SHOULD)i(be)o(gin)0 853 y(with)g(`X-CGI-'.)k(It)d
(MA)-9 b(Y)21 b(ignore)d(\(and)i(delete\))f(an)o(y)h(unrecognised)d
(header)n(-\002elds)i(with)h(names)g(be)o(ginning)e(`X-CGI-'.)0
1165 y Fb(6.4)99 b(Response)26 b(Message)e(Body)0 1396
y Ff(The)i(response)g(entity)h(body)e(is)j(a)f(message)g(body)e(to)i
(be)g(returned)e(to)i(the)f(client)h(by)g(the)f(serv)o(er)-5
b(.)45 b(The)26 b(serv)o(er)g(MUST)h(read)0 1495 y(all)i(the)g(data)f
(pro)o(vided)e(by)i(the)h(script,)h(until)e(the)h(script)f(signals)h
(the)f(end)g(of)h(the)f(entity)g(body)f(by)i(w)o(ay)f(of)g(an)h(end)f
(of)g(\002le)0 1595 y(condition.)208 1769 y Fd(Entity-Body)81
b(=)h(*OCTET)0 2124 y Fe(7)119 b(System)29 b(Speci\002cations)0
2401 y Fb(7.1)99 b(AmigaDOS)0 2590 y Fc(Meta-V)-8 b(ariables)208
2690 y Ff(The)26 b(serv)o(er)g(SHOULD)h(use)g(en)m(vironment)d(v)n
(ariables)i(as)i(the)e(mechanism)g(of)h(pro)o(viding)d(request)i
(meta-data)g(to)h(the)208 2789 y(CGI)c(script.)34 b(These)23
b(are)g(accessed)h(by)e(the)i(DOS)f(library)f(routine)g
Fd(GetVar)p Ff(.)34 b(The)23 b Fd(flags)f Ff(ar)o(gument)f(SHOULD)j(be)
208 2889 y(0.)h(Case)c(is)g(ignored,)d(b)n(ut)i(upper)f(case)i(is)g
(recommended)c(for)i(compatibility)g(with)h(case-sensiti)n(v)o(e)g
(systems.)0 3055 y Fc(The)h(curr)o(ent)f(w)o(orking)g(dir)o(ectory)208
3155 y Ff(The)f(current)g(w)o(orking)g(directory)f(for)i(the)g(script)g
(is)h(set)g(to)g(the)f(directory)f(containing)f(the)i(script.)0
3321 y Fc(Character)f(set)208 3420 y Ff(The)c(US-ASCII)h(character)f
(set)h([20])f(is)i(used)e(for)g(the)h(de\002nition)f(of)h(meta-v)n
(ariables,)e(headers)h(and)g(v)n(alues;)i(the)f(ne)n(wline)208
3520 y(\(NL\))j(sequence)g(is)i(LF;)g(serv)o(ers)f(SHOULD)g(also)h
(accept)e(CR)j(LF)f(as)g(a)f(ne)n(wline.)0 3832 y Fb(7.2)99
b(UNIX)0 4063 y Ff(F)o(or)20 b(UNIX)g(compatible)f(operating)f
(systems,)j(the)f(follo)n(wing)e(are)i(de\002ned:)0 4303
y Fc(Meta-V)-8 b(ariables)208 4403 y Ff(The)22 b(serv)o(er)f(MUST)i
(use)g(en)m(vironment)c(v)n(ariables)j(as)i(the)e(mechanism)f(of)i(pro)
o(viding)c(request)j(meta-data)g(to)g(the)h(CGI)208 4503
y(script.)i(These)20 b(are)g(accessed)g(by)g(the)g(C)h(library)e
(routine)g Fd(getenv)p Ff(.)0 4669 y Fc(The)i(command)f(line)208
4768 y Ff(This)28 b(is)i(accessed)e(using)g(the)g(the)h
Fd(argc)f Ff(and)g Fd(argv)g Ff(ar)o(guments)e(to)j Fd(main\(\))p
Ff(.)49 b(The)28 b(w)o(ords)g(ha)n(v)o(e)g(an)o(y)g(characters)208
4868 y(which)19 b(are)h(`acti)n(v)o(e')f(in)i(the)f(Bourne)f(shell)i
(escaped)e(with)i(a)f(backslash.)0 5255 y(Robinson)f(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(24])p eop
%%Page: 25 25
25 24 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fc(The)h(curr)o(ent)f(w)o(orking)g(dir)o(ectory)
208 623 y Ff(The)f(current)g(w)o(orking)g(directory)f(for)i(the)g
(script)g(SHOULD)h(be)f(set)h(to)f(the)g(directory)f(containing)f(the)i
(script.)0 789 y Fc(Character)f(set)208 888 y Ff(The)h(US-ASCII)h
(character)f(set)h([20],)f(e)o(xcluding)f(NUL,)h(is)i(used)f(for)f(the)
h(de\002nition)f(of)g(meta-v)n(ariables,)f(headers)h(and)208
988 y(CHAR)g(v)n(alues;)g(TEXT)f(v)n(alues)g(are)h(ISO-8859-1.)h(The)f
(ne)n(wline)f(\(NL\))g(sequence)f(is)j(LF;)f(serv)o(ers)f(should)f
(also)i(accept)208 1088 y(CR)h(LF)g(as)g(a)f(ne)n(wline.)0
1400 y Fb(7.3)99 b(EBCDIC/POSIX)0 1630 y Ff(F)o(or)20
b(POSIX)g(compatible)f(operating)f(systems)j(using)f(the)g(EBCDIC)h
(character)e(set,)i(the)f(follo)n(wing)f(are)h(de\002ned:)0
1871 y Fc(Meta-V)-8 b(ariables)208 1971 y Ff(The)22 b(serv)o(er)f(MUST)
i(use)g(en)m(vironment)c(v)n(ariables)j(as)i(the)e(mechanism)f(of)i
(pro)o(viding)c(request)j(meta-data)g(to)g(the)h(CGI)208
2070 y(script.)i(These)20 b(are)g(accessed)g(by)g(the)g(C)h(library)e
(routine)g Fd(getenv)p Ff(.)0 2236 y Fc(The)i(command)f(line)208
2336 y Ff(This)28 b(is)i(accessed)e(using)g(the)g(the)h
Fd(argc)f Ff(and)g Fd(argv)g Ff(ar)o(guments)e(to)j Fd(main\(\))p
Ff(.)49 b(The)28 b(w)o(ords)g(ha)n(v)o(e)g(an)o(y)g(characters)208
2436 y(which)19 b(are)h(`acti)n(v)o(e')f(in)i(the)f(Bourne)f(shell)i
(escaped)e(with)i(a)f(backslash.)0 2602 y Fc(The)h(curr)o(ent)f(w)o
(orking)g(dir)o(ectory)208 2701 y Ff(The)f(current)g(w)o(orking)g
(directory)f(for)i(the)g(script)g(SHOULD)h(be)f(set)h(to)f(the)g
(directory)f(containing)f(the)i(script.)0 2867 y Fc(Character)f(set)208
2967 y Ff(The)c(EBCDIC-CP-US)h(character)e(set)i([19],)f(e)o(xcluding)e
(NUL,)i(is)i(used)e(for)g(the)g(de\002nition)f(of)h(meta-v)n(ariables,)
f(headers)208 3067 y(all)20 b(v)n(alues.)25 b(The)20
b(ne)n(wline)f(\(NL\))h(sequence)f(is)i(LF;)g(serv)o(ers)e(should)h
(also)g(accept)g(CR)h(LF)g(as)g(a)g(ne)n(wline.)0 3233
y Fc(media-type)e(charset)h(default)208 3332 y Ff(The)f(def)o(ault)h
(charset)g(v)n(alue)f(for)h(te)o(xt)g(\(and)f(other)h
(implementation-de\002ned\))15 b(media)20 b(types)g(is)h(EBCDIC-CP-US.)
0 3687 y Fe(8)119 b(Implementation)0 3964 y Fb(8.1)99
b(Recommendations)26 b(f)n(or)f(Ser)o(v)o(ers)0 4194
y Ff(Serv)o(ers)17 b(may)g(reject)h(with)g(error)f(404)g(`Not)h(F)o
(ound')e(an)o(y)h(requests)g(that)h(w)o(ould)f(result)h(in)g(an)g
(encoded)e("/")i(being)f(decoded)f(into)0 4294 y(P)-8
b(A)f(TH_INFO)20 b(or)g(SCRIPT_N)m(AME,)g(as)h(this)f(might)g
(represent)f(a)i(loss)f(of)g(information)e(to)j(the)f(script.)0
4468 y(Although)c(the)i(serv)o(er)f(and)g(the)h(CGI)g(script)g(need)f
(not)h(be)f(consistent)h(in)g(their)f(handling)f(of)i(URL)g(paths)g
(\(client)g(URLs)g(and)g(the)0 4568 y(P)-8 b(A)f(TH_INFO)25
b(data,)h(respecti)n(v)o(ely\),)e(serv)o(er)g(authors)h(may)f(wish)i
(to)f(impose)g(consistenc)o(y)-5 b(.)38 b(So)25 b(the)g(serv)o(er)g
(implementation)0 4668 y(should)19 b(de\002ne)h(its)h(beha)n(viour)d
(for)i(the)g(follo)n(wing)e(cases:)104 4834 y(1.)41 b(de\002ne)24
b(an)o(y)g(restrictions)h(on)f(allo)n(wed)h(path)f(se)o(gments,)h(in)g
(particular)f(whether)g(non-terminal)e(NULL)j(se)o(gments)g(are)208
4933 y(permitted;)0 5255 y(Robinson)19 b(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(25])p eop
%%Page: 26 26
26 25 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)104 523 y(2.)41 b(de\002ne)22 b(the)h(beha)n(viour)d
(for)i Fd(".")h Ff(or)g Fd("..")f Ff(path)g(se)o(gments;)i(i.e.)f
(whether)e(the)o(y)h(are)h(prohibited,)e(treated)h(as)i(ordinary)208
623 y(path)19 b(se)o(gments)h(or)g(interpreted)e(in)i(accordance)f
(with)h(the)g(relati)n(v)o(e)g(URL)g(speci\002cation)g([3];)104
774 y(3.)41 b(de\002ne)20 b(an)o(y)h(limits)h(of)f(the)g
(implementation,)e(including)h(limits)i(on)f(path)f(or)h(search)g
(string)g(lengths,)g(and)g(limits)h(on)f(the)208 874
y(v)n(olume)e(of)h(headers)f(the)h(serv)o(er)f(will)i(parse.)0
1086 y(Serv)o(ers)i(may)g(generate)g(the)g(Script-URI)g(in)h(an)o(y)f
(w)o(ay)h(from)e(the)i(client)g(URI,)g(or)f(from)g(an)o(y)f(other)h
(data)h(\(b)n(ut)f(the)h(beha)n(viour)0 1185 y(should)19
b(be)h(documented\).)0 1491 y Fb(8.2)99 b(Recommendations)26
b(f)n(or)f(Scripts)0 1721 y Ff(The)c(serv)o(er)f(might)h(interrupt)e
(or)i(terminate)g(script)g(e)o(x)o(ecution)e(at)j(an)o(y)e(time)h(and)g
(without)f(w)o(arning,)g(so)i(the)f(script)g(SHOULD)0
1821 y(be)f(prepared)e(to)j(handle)e(abnormal)f(termination.)0
1995 y(The)h(script)h(MA)-9 b(Y)20 b(reject)f(with)h(error)e(405)h
(`Method)f(Not)h(Allo)n(wed')g(HTTP/1.1)f(requests)i(made)e(using)h(a)h
(method)e(it)j(does)e(not)0 2095 y(support.)30 b(If)22
b(the)g(script)g(does)g(not)g(intend)g(processing)e(the)j(P)-8
b(A)f(TH_INFO)22 b(data,)g(then)g(it)h(should)e(reject)h(the)g(request)
g(with)g(404)0 2195 y(Not)e(F)o(ound)f(if)h(P)-8 b(A)f(TH_INFO)20
b(is)h(not)f(NULL.)0 2369 y(If)e(the)g(output)e(of)i(a)g(form)f(is)i
(being)e(processed,)g(check)g(that)h(CONTENT_TYPE)e(is)j
(`application/x-www-form-urlen)o(co)o(ded)o(')0 2469
y([15])28 b(or)g(`multipart/form-data')c([13].)49 b(If)29
b(CONTENT_TYPE)f(is)h(blank,)h(the)e(script)h(can)f(reject)h(the)g
(request)f(with)g(a)h(415)0 2568 y(`Unsupported)17 b(Media)j(T)-7
b(ype')20 b(error)m(,)e(where)i(supported)e(by)i(the)g(protocol.)0
2743 y(When)k(parsing)g(P)-8 b(A)f(TH_INFO,)24 b(P)-8
b(A)f(TH_TRANSLA)g(TED)23 b(or)h(SCRIPT_N)m(AME)h(the)g(script)f
(SHOULD)h(be)f(careful)g(of)g(v)n(oid)0 2842 y(path)18
b(se)o(gments)f(\("//"\))h(and)f(special)h(path)g(se)o(gments)f(\()p
Fd(".")h Ff(and)g Fd("..")p Ff(\).)23 b(The)o(y)17 b(SHOULD)i(either)e
(be)h(remo)o(v)o(ed)e(from)h(the)h(path)0 2942 y(before)h(use)h(in)h
(OS)f(system)h(calls,)f(or)g(the)h(request)e(SHOULD)i(be)f(rejected)f
(with)i(404)e(`Not)h(F)o(ound'.)0 3116 y(When)f(returning)e(headers,)h
(the)h(script)g(SHOULD)g(try)g(to)g(send)g(the)g(CGI)g(headers)g(as)g
(soon)g(as)g(possible,)g(and)g(SHOULD)g(send)0 3216 y(them)h(before)f
(an)o(y)g(HTTP)h(headers.)k(This)d(may)e(help)h(reduce)f(the)h(serv)o
(er')-5 b(s)20 b(memory)f(requirements.)0 3564 y Fe(9)119
b(Security)31 b(Considerations)0 3841 y Fb(9.1)99 b(Safe)26
b(Methods)0 4071 y Ff(As)17 b(discussed)f(in)g(the)h(security)e
(considerations)f(of)i(the)h(HTTP)f(speci\002cations)g([2],)g([8],)g
(the)g(con)m(v)o(ention)d(has)k(been)e(established)0
4171 y(that)23 b(the)g(GET)f(and)h(HEAD)f(methods)g(should)g(be)g
(`safe')h(and)f(`idempotent';)f(the)o(y)i(should)e(cause)i(no)f
(side-ef)n(fects)g(and)g(only)0 4271 y(ha)n(v)o(e)g(the)g
(signi\002cance)g(of)g(resource)f(retrie)n(v)n(al.)30
b(An)23 b(idempotent)d(request)i(may)g(be)g(repeated)f(an)i(arbitrary)d
(number)h(of)h(times)0 4370 y(and)e(produce)e(side)i(ef)n(fects)g
(identical)g(to)g(a)h(single)f(request.)0 4676 y Fb(9.2)99
b(HTTP)25 b(Headers)g(Containing)g(Sensiti)o(v)o(e)h(Inf)n(ormation)0
4907 y Ff(Some)i(HTTP)h(headers)f(may)g(carry)f(sensiti)n(v)o(e)i
(information)d(which)i(the)h(serv)o(er)e(should)h(not)g(pass)h(on)f(to)
h(the)g(script)f(unless)0 5006 y(e)o(xplicitly)17 b(con\002gured)f(to)i
(do)f(so.)25 b(F)o(or)18 b(e)o(xample,)f(if)h(the)g(serv)o(er)f
(protects)h(the)g(script)g(using)f(the)h(Basic)h(authentication)d
(scheme,)0 5255 y(Robinson)j(&)h(Coar)1009 b(Expires)19
b(15)h(October)f(2003)1008 b([P)o(age)19 b(26])p eop
%%Page: 27 27
27 26 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(then)j(the)g(client)g(will)h(send)f(an)g
(Authorization)d(header)i(containing)g(a)h(username)f(and)g(passw)o
(ord.)33 b(If)23 b(the)g(serv)o(er)m(,)g(rather)f(than)0
623 y(the)i(script,)g(v)n(alidates)g(this)g(information)e(then)h(it)i
(should)d(not)i(pass)g(on)g(the)f(passw)o(ord)h(via)f(the)h(HTTP_A)-5
b(UTHORIZA)c(TION)0 722 y(meta-v)n(ariable)26 b(without)h(careful)g
(consideration.)45 b(This)28 b(also)h(applies)e(to)h(the)g
(Proxy-Authorization)c(header)i(\002eld)i(and)g(the)0
822 y(corresponding)17 b(HTTP_PR)m(O)m(XY_A)-5 b(UTHORIZA)c(TION)17
b(meta-v)n(ariable.)0 1134 y Fb(9.3)99 b(Data)25 b(Pri)o(v)o(acy)0
1365 y Ff(Con\002dential)e(data)i(in)f(a)h(request)e(should)h(be)g
(placed)f(in)i(a)f(message-body)e(as)j(part)f(of)g(a)h(POST)g(request,)
f(and)g(not)g(placed)f(in)0 1464 y(the)h(URI)g(or)g(message)g(headers.)
35 b(On)24 b(some)g(systems,)h(the)f(en)m(vironment)d(used)j(to)g(pass)
g(meta-v)n(ariables)f(to)h(a)g(script)g(may)g(be)0 1564
y(visible)g(to)g(other)g(scripts)g(or)g(users.)37 b(In)23
b(addition,)h(man)o(y)f(e)o(xisting)g(serv)o(ers,)h(proxies)f(and)h
(client)g(will)h(log)f(the)g(URI)g(where)g(it)0 1664
y(might)c(be)g(visible)g(to)g(third)g(parties.)0 1976
y Fb(9.4)99 b(TLS)26 b(Connection)g(Endpoint)0 2206 y
Ff(F)o(or)19 b(a)h(connection)d(using)i(TLS,)h(the)f(security)g
(applies)h(between)e(the)i(client)f(and)g(the)h(serv)o(er)m(,)e(and)h
(not)g(between)g(the)h(client)f(and)0 2306 y(the)j(script.)29
b(It)22 b(is)g(the)g(serv)o(er')-5 b(s)21 b(responsibility)f(to)i
(handle)f(the)g(TLS)h(session,)g(and)f(thus)h(it)g(is)h(the)e(serv)o
(er)g(that)h(is)g(authenticated)0 2406 y(to)e(the)h(client,)f(not)f
(the)i(CGI)f(script.)0 2718 y Fb(9.5)99 b(Ser)o(v)o(er/Script)27
b(A)-5 b(uthentication)0 2948 y Ff(This)28 b(speci\002cation)f(pro)o
(vides)g(no)g(mechanism)g(for)g(the)h(script)g(to)h(authenticate)d(the)
i(serv)o(er)f(that)i(in)m(v)n(ok)o(ed)d(it.)49 b(There)27
b(is)i(no)0 3048 y(enforced)18 b(inte)o(grity)h(on)h(the)g(CGI)h
(request)e(and)h(response)f(messages.)0 3360 y Fb(9.6)99
b(Script)26 b(Interfer)n(ence)i(with)d(the)h(Ser)o(v)o(er)0
3591 y Ff(The)g(most)g(common)e(implementation)g(of)h(CGI)i(in)m(v)n
(ok)o(es)e(the)h(script)g(as)h(a)f(child)g(process)f(using)h(the)g
(same)g(user)g(and)f(group)0 3690 y(as)i(the)f(serv)o(er)f(process.)41
b(It)26 b(should)f(therefore)f(be)i(ensured)f(that)h(the)g(script)g
(cannot)e(interfere)h(with)h(the)g(serv)o(er)f(process,)i(its)0
3790 y(con\002guration,)17 b(documents)i(or)h(log)g(\002les.)0
3964 y(If)h(the)h(script)f(is)i(e)o(x)o(ecuted)c(by)i(calling)g(a)h
(function)e(link)o(ed)h(in)g(to)h(the)f(serv)o(er)g(softw)o(are)g
(\(either)g(at)g(compile-time)f(or)h(run-time\))0 4064
y(then)e(precautions)f(should)h(be)g(tak)o(en)g(to)h(protect)f(the)h
(core)f(memory)f(of)h(the)h(serv)o(er)m(,)e(or)h(to)h(ensure)f(that)h
(untrusted)e(code)h(cannot)0 4164 y(be)h(e)o(x)o(ecuted.)0
4476 y Fb(9.7)99 b(Data)25 b(Length)h(and)g(Buffering)g(Considerations)
0 4706 y Ff(This)18 b(speci\002cation)f(places)h(no)g(limits)h(on)e
(the)i(length)e(of)g(the)h(message-body)e(presented)h(to)h(the)g
(script.)24 b(The)18 b(script)g(should)f(not)0 4806 y(assume)j(that)h
(statically)f(allocated)g(b)n(uf)n(fers)f(of)h(an)o(y)g(size)h(are)f
(suf)n(\002cient)g(to)g(contain)f(the)i(entire)e(submission)h(at)h(one)
f(time.)25 b(Use)0 4906 y(of)f(a)g(\002x)o(ed)g(length)f(b)n(uf)n(fer)f
(without)i(careful)f(o)o(v)o(er\003o)n(w)f(checking)g(may)i(result)g
(in)g(an)g(attack)o(er)g(e)o(xploiting)e(`stack-smashing')0
5005 y(or)28 b(`stack-o)o(v)o(er\003o)n(w')d(vulnerabilities)i(of)h
(the)g(operating)e(system.)50 b(The)27 b(script)i(may)f(spool)f(lar)o
(ge)g(submissions)h(to)h(disk)f(or)0 5255 y(Robinson)19
b(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(27])p eop
%%Page: 28 28
28 27 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y(other)j(b)n(uf)n(fering)f(media,)i(b)n(ut)g(a)g
(rapid)f(succession)g(of)h(lar)o(ge)f(submissions)g(may)h(result)g(in)g
(denial)f(of)h(service)f(conditions.)35 b(If)0 623 y(the)20
b(CONTENT_LENGTH)e(of)h(a)h(message-body)d(is)k(lar)o(ger)d(than)h
(resource)g(considerations)f(allo)n(w)-5 b(,)19 b(scripts)h(should)e
(respond)0 722 y(with)k(an)g(error)f(status)i(appropriate)d(for)h(the)h
(protocol)e(v)o(ersion;)i(potentially)f(applicable)g(status)i(codes)e
(include)g(503)g(`Service)0 822 y(Una)n(v)n(ailable')c(\(HTTP/1.0)g
(and)h(HTTP/1.1\),)g(413)f(`Request)h(Entity)g(T)-7 b(oo)19
b(Lar)o(ge')e(\(HTTP/1.1\),)f(and)i(414)g(`Request-URI)g(T)-7
b(oo)0 922 y(Lar)o(ge')19 b(\(HTTP/1.1\).)0 1096 y(Similar)h
(considerations)d(apply)i(to)h(the)f(serv)o(er')-5 b(s)20
b(handling)d(of)j(the)f(CGI)h(response)f(from)f(the)i(script.)25
b(There)19 b(is)h(no)f(limit)h(on)g(the)0 1196 y(length)f(of)g(the)h
(message)f(body)f(returned)g(by)h(the)h(script;)f(the)h(serv)o(er)f
(should)f(not)h(assume)h(that)g(statically)g(allocated)e(b)n(uf)n(fers)
h(of)0 1295 y(an)o(y)g(size)i(are)f(suf)n(\002cient)g(to)g(contain)g
(the)g(entire)g(response.)0 1608 y Fb(9.8)99 b(Stateless)25
b(Pr)n(ocessing)0 1838 y Ff(The)c(stateless)h(nature)e(of)h(the)g(W)-7
b(eb)21 b(mak)o(es)g(each)g(script)g(e)o(x)o(ecution)d(and)j(resource)f
(retrie)n(v)n(al)g(independent)e(of)j(all)g(others)g(e)n(v)o(en)0
1938 y(when)g(multiple)g(requests)g(constitute)g(a)g(single)h
(conceptual)e(W)-7 b(eb)22 b(transaction.)27 b(Because)22
b(of)f(this,)h(a)g(script)f(should)g(not)g(mak)o(e)0
2037 y(an)o(y)k(assumptions)f(about)h(the)g(conte)o(xt)f(of)i(the)f
(user)n(-agent)f(submitting)h(a)g(request.)41 b(In)25
b(particular)m(,)g(scripts)h(should)e(e)o(xamine)0 2137
y(data)e(obtained)e(from)h(the)g(client)h(and)f(v)o(erify)g(that)g(the)
o(y)h(are)f(v)n(alid,)h(both)f(in)g(form)g(and)g(content,)g(before)g
(allo)n(wing)f(them)i(to)g(be)0 2236 y(used)i(for)h(sensiti)n(v)o(e)f
(purposes)f(such)i(as)g(input)f(to)h(other)f(applications,)g(commands,)
g(or)h(operating)d(system)j(services.)39 b(These)0 2336
y(uses)24 b(include,)f(b)n(ut)g(are)g(not)g(limited)h(to:)31
b(system)24 b(call)g(ar)o(guments,)e(database)g(writes,)j(dynamically)c
(e)n(v)n(aluated)h(source)g(code,)0 2436 y(and)27 b(input)f(to)i
(billing)f(or)g(other)f(secure)h(processes.)46 b(It)28
b(is)g(important)e(that)i(applications)e(be)h(protected)f(from)g(in)m
(v)n(alid)g(input)0 2535 y(re)o(gardless)19 b(of)h(whether)f(the)h(in)m
(v)n(alidity)f(is)i(the)f(result)g(of)g(user)g(error)m(,)f(logic)g
(error)m(,)g(or)h(malicious)f(action.)0 2710 y(Authors)j(of)h(scripts)g
(in)m(v)n(olv)o(ed)e(in)i(multi-request)e(transactions)h(should)g(be)h
(particularly)e(cautios)h(about)g(v)n(alidating)g(the)h(state)0
2809 y(information;)d(undesirable)h(ef)n(fects)g(may)h(result)g(from)f
(the)h(substitution)f(of)g(dangerous)f(v)n(alues)i(for)f(portions)f(of)
i(the)g(submis-)0 2909 y(sion)h(which)g(might)f(otherwise)g(be)i
(presumed)d(safe.)34 b(Sub)o(v)o(ersion)21 b(of)h(this)i(type)f(occurs)
f(when)g(alterations)h(are)g(made)f(to)i(data)0 3009
y(from)d(a)i(prior)e(stage)h(of)g(the)h(transaction)e(that)h(were)g
(not)g(meant)g(to)g(be)g(controlled)f(by)h(the)g(client)g(\(e.g.,)g
(hidden)f(HTML)h(form)0 3108 y(elements,)e(cookies,)f(embedded)f(URLs,)
j(etc.\).)0 3421 y Fb(9.9)99 b(Non-parsed)26 b(Header)g(Output)0
3651 y Ff(If)c(a)g(script)g(returns)f(a)h(non-parsed)d(header)i
(output,)g(to)h(be)f(interpreted)f(by)i(the)g(client)f(in)h(its)h(nati)
n(v)o(e)e(protocol,)f(then)i(the)g(script)0 3751 y(MUST)e(address)g
(all)h(security)e(considerations)g(relating)g(to)i(that)f(protocol.)0
4105 y Fe(10)119 b(Ackno)o(wledgements)0 4366 y Ff(This)23
b(w)o(ork)f(is)h(based)f(on)g(the)h(original)e(CGI)i(interf)o(ace)f
(that)h(arose)f(out)g(of)g(discussions)h(on)f(the)h(`www-talk')e
(mailing)h(list.)33 b(In)0 4465 y(particular)m(,)15 b(Rob)g(McCool,)h
(John)f(Franks,)g(Ari)h(Luotonen,)e(Geor)o(ge)g(Phillips)i(and)f(T)-7
b(on)o(y)14 b(Sanders)h(deserv)o(e)f(special)i(recognition)0
4565 y(for)k(their)f(ef)n(forts)h(in)g(de\002ning)f(and)h(implementing)
e(the)i(early)g(v)o(ersions)f(of)h(this)h(interf)o(ace.)0
4739 y(This)f(document)e(has)i(also)g(greatly)f(bene\002ted)f(from)h
(the)h(comments)f(and)g(suggestions)g(made)g(Chris)h(Adie,)g(Da)n(v)o
(e)f(Kristol)h(and)0 4839 y(Mik)o(e)k(Me)o(yer;)g(also)g(Da)n(vid)g
(Morris,)g(Jeremy)f(Madea,)h(P)o(atrick)f(McManus,)g(Adam)h(Donahue,)e
(Ross)j(P)o(atterson)e(and)g(Harald)0 4939 y(Alv)o(estrand.)0
5255 y(Robinson)c(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(28])p eop
%%Page: 29 29
29 28 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y Fe(11)119 b(Refer)n(ences)0 742
y Ff([1])110 b(Berners-Lee,)17 b(T)-6 b(.,)18 b(`Uni)n(v)o(ersal)f
(Resource)g(Identi\002ers)g(in)i(WWW)m(:)g(A)g(Unifying)d(Syntax)i(for)
f(the)h(Expression)f(of)g(Names)208 841 y(and)i(Addresses)h(of)g
(Objects)g(on)g(the)g(Netw)o(ork)g(as)h(used)f(in)g(the)g(W)-7
b(orld-W)m(ide)20 b(W)-7 b(eb',)20 b(RFC)i(1630,)c(CERN,)j(June)f
(1994.)0 1007 y([2])110 b(Berners-Lee,)28 b(T)-6 b(.,)30
b(Fielding,)e(R.)h(T)-6 b(.)28 b(and)f(Frystyk,)i(H.,)h(`Hyperte)o(xt)c
(T)m(ransfer)h(Protocol)g(\226)h(HTTP/1.0',)g(RFC)h(1945,)208
1107 y(MIT/LCS,)20 b(UC)h(Irvine,)d(May)i(1996.)0 1273
y([3])110 b(Berners-Lee,)16 b(T)-6 b(.,)18 b(Fielding,)f(R.)h(and)e
(Masinter)m(,)h(L.,)h(`Uniform)e(Resource)g(Identi\002ers)h(\(URI\))g
(:)h(Generic)f(Syntax',)f(RFC)208 1373 y(2396,)i(MIT/LC,)i(U.C.)h
(Irvine,)d(Xerox)i(Corporation,)d(August)j(1998.)0 1539
y([4])110 b(Braden,)19 b(R.,)i(Editor)m(,)e(`Requirements)g(for)h
(Internet)f(Hosts)i(\226)g(Application)e(and)h(Support',)e(STD)j(3,)g
(RFC)h(1123,)d(IETF)-7 b(,)208 1638 y(October)19 b(1989.)0
1804 y([5])110 b(Bradner)m(,)24 b(S.,)j(`K)n(e)o(y)d(w)o(ords)h(for)f
(use)h(in)h(RFCs)g(to)g(Indicate)e(Requirements)g(Le)n(v)o(els',)h(BCP)
h(14,)g(RFC)g(2119,)f(Harv)n(ard)208 1904 y(Uni)n(v)o(ersity)-5
b(,)18 b(March)h(1997.)0 2070 y([6])110 b(Crock)o(er)m(,)22
b(D.H.,)h(`Standard)e(for)h(the)h(F)o(ormat)f(of)h(ARP)-8
b(A)24 b(Internet)e(T)-6 b(e)o(xt)23 b(Messages',)g(STD)g(11,)g(RFC)h
(822,)f(Uni)n(v)o(ersity)208 2170 y(of)c(Dela)o(w)o(are,)h(August)g
(1982.)0 2336 y([7])110 b(Dierks,)19 b(T)-6 b(.)20 b(and)g(Allen,)g
(C.,)h(`The)e(TLS)i(Protocol)e(V)-9 b(ersion)19 b(1.0',)g(RFC)j(2246,)c
(Certicom,)i(January)f(1999.)0 2502 y([8])110 b(Fielding,)30
b(R.,)h(Gettys,)g(J.,)h(Mogul,)d(J.,)j(Frystyk,)e(H.,)h(Masinter)m(,)f
(L.,)h(Leach,)f(P)-9 b(.)29 b(and)f(Berners-Lee,)i(T)-6
b(.,)31 b(`Hyperte)o(xt)208 2601 y(T)m(ransfer)c(Protocol)h(\226)g
(HTTP/1.1',)i(RFC)g(2616,)f(UC)g(Irving,)g(Compaq/W3C,)f(Compaq,)i
(W3C/MIT)-6 b(,)28 b(Xerox,)h(Mi-)208 2701 y(crosoft,)19
b(W3C/MIT)-6 b(,)19 b(June)h(1999.)0 2867 y([9])110 b(Franks,)17
b(J.,)i(Hallam-Bak)o(er)m(,)e(P)-9 b(.,)19 b(Hostetler)m(,)f(J.,)h(La)o
(wrence,)e(S.,)i(Leach,)e(P)-9 b(.,)19 b(Luotonen,)d(A.)j(and)e(Ste)n
(w)o(art)i(L.)f(`HTTP)g(Au-)208 2967 y(thentication:)26
b(Basic)d(and)e(Digest)h(Access)h(Authentication',)c(RFC)24
b(2617,)c(Northwestern)g(Uni)n(v)o(ersity)-5 b(,)20 b(V)-9
b(erisign)21 b(Inc.,)208 3066 y(AbiSource,)28 b(Inc.,)i(Agranat)d
(Systems,)j(Inc.,)g(Microsoft)d(Corporation,)h(Netscape)g
(Communications)e(Corporation,)208 3166 y(Open)19 b(Mark)o(et,)h(Inc.,)
f(June)h(1999.)0 3332 y([10])68 b(Freed,)29 b(N.)f(and)f(Borenstein)g
(N.,)i(`Multipurpose)d(Internet)g(Mail)i(Extensions)f(\(MIME\))g(P)o
(art)g(T)-7 b(w)o(o:)41 b(Media)27 b(T)-7 b(ypes',)208
3432 y(RFC)21 b(2046,)e(Innosoft,)f(First)j(V)-5 b(irtual,)20
b(No)o(v)o(ember)d(1996.)0 3598 y([11])68 b(Hinden,)32
b(R.,)i(Carpenter)m(,)e(B.)f(and)g(Masinter)m(,)h(L.,)i(`F)o(ormat)29
b(for)i(Literal)g(IPv6)f(Addresses)g(in)i(URL)-8 b(')j(s',)34
b(RFC)e(2732,)208 3697 y(Nokia,)19 b(IBM,)h(A)-9 b(T&T)j(,)19
b(December)g(1999.)0 3863 y([12])68 b(Hinden)19 b(R.)j(and)e(Deering)g
(S.,)h(`IP)g(V)-9 b(ersion)20 b(6)h(Addressing)f(Architecture',)f(RFC)j
(2373,)e(Nokia,)g(Cisco)h(Systems,)h(July)208 3963 y(1998.)0
4129 y([13])68 b(Masinter)m(,)21 b(L.,)g(`Returning)f(V)-9
b(alues)21 b(from)g(F)o(orms:)27 b(multipart/form-data',)18
b(RFC)23 b(2388,)d(Xerox)h(Corporation,)e(August)208
4229 y(1998.)0 4395 y([14])68 b(Mockapetris,)18 b(P)-9
b(.,)20 b(`Domain)f(Names)h(-)h(Concepts)f(and)f(F)o(acilities',)i(STD)
f(13,)g(RFC)h(1034,)e(ISI,)h(No)o(v)o(ember)e(1987.)0
4561 y([15])68 b(Raggett,)20 b(Da)n(v)o(e,)g(Le)g(Hors,)g(Arnaud)f(and)
h(Jacobs,)g(Ian)g(\(eds\))g(`HTML)g(4.01)f(Speci\002cation',)g(W3C)i
(Recommendation)208 4660 y(December)d(1999,)h Fd
(http://www.w3.org/TR/html401/)p Ff(.)0 4826 y([16])68
b(Rescola,)20 b(E.)g(`HTTP)g(Ov)o(er)g(TLS',)f(RFC)j(2818,)d(R)-5
b(TFM,)20 b(May)g(2000.)0 4993 y([17])68 b(St.)20 b(Johns,)g(M.,)g
(`Identi\002cation)e(Protocol',)h(RFC)i(1413,)e(US)i(Department)d(of)i
(Defense,)g(February)e(1993.)0 5255 y(Robinson)h(&)h(Coar)1009
b(Expires)19 b(15)h(October)f(2003)1008 b([P)o(age)19
b(29])p eop
%%Page: 30 30
30 29 bop 0 232 a Ff(INTERNET)-8 b(-DRAFT)733 b(Common)19
b(Gate)n(w)o(ay)h(Interf)o(ace)f(\226)h(1.1)733 b(16)20
b(April)g(2003)0 523 y([18])68 b(`HTTP)34 b(Status)h(Code)g(Re)o
(gistry',)i Fd(http://www.iana.org/assignments/http-)o(status)o(-code)o
(s)p Ff(,)208 623 y(IAN)m(A)0 789 y([19])68 b(IBM)20
b(National)g(Language)e(Support)h(Reference)g(Manual)g(V)-11
b(olume)20 b(2,)g(SE09-8002-01,)c(March)j(1990.)0 955
y([20])68 b(`Information)15 b(Systems)k(\226)f(Coded)g(Character)f
(Sets)j(\226)e(7-bit)g(American)f(Standard)h(Code)g(for)g(Information)d
(Interchange)208 1054 y(\(7-Bit)20 b(ASCII\)',)f(ANSI)i(INCITS.4-1986)c
(\(R2002\).)0 1220 y([21])68 b(`Information)21 b(technology)i(\226)h
(8-bit)h(single-byte)e(coded)h(graphic)f(character)h(sets)i(\226)e(P)o
(art)h(1:)35 b(Latin)25 b(alphabet)e(No.)39 b(1',)208
1320 y(ISO/IEC)20 b(8859-1:1998.)0 1486 y([22])68 b(`The)23
b(Common)g(Gate)n(w)o(ay)h(Interf)o(ace',)f Fd
(http://hoohoo.ncsa.uiuc.edu/cgi/)p Ff(,)c(NCSA,)25 b(Uni)n(v)o(ersity)
e(of)208 1586 y(Illinois.)0 1941 y Fe(12)119 b(A)-6 b(uthors')30
b(Addr)n(esses)208 2159 y Ff(Da)n(vid)20 b(Robinson)208
2259 y(Apache)f(Softw)o(are)g(F)o(oundation)208 2359
y(Email:)25 b(drtr@apache.or)o(g)208 2616 y(K)n(en)20
b(A.)g(L.)g(Coar)208 2716 y(MeepZor)e(Consulting)208
2815 y(7824)g(Mayf)o(aire)i(Crest)h(Lane,)e(Suite)h(202)208
2915 y(Raleigh,)f(NC)i(27615-4875)208 3015 y(USA)208
3114 y(T)-6 b(el:)25 b(+1)20 b(\(919\))f(254)g(4237)208
3214 y(F)o(ax:)25 b(+1)20 b(\(919\))e(254)i(5420)208
3313 y(Email:)25 b(K)n(en.Coar@Golux.com)0 5255 y(Robinson)19
b(&)h(Coar)1009 b(Expires)19 b(15)h(October)f(2003)1008
b([P)o(age)19 b(30])p eop
%%Trailer
end
userdict /end-hook known{end-hook}if
%%EOF
| PAFTECH AB 2003-2026 | 2026-04-24 04:21:05 |