Common Gateway Interface (CGI) is a standard method to generate dynamic content on web pages and web applications providing the interface between web server and programs to deliver content. This medium was created and grew in popularization as a standard way to create web content since the late 90's. CGI programs are typically designed in PERL for host platforms and C/C++ in embedded devices since PERL is typically too CPU and memory intensive for embedded devices. Each web-page managed by CGI is typically designed as a standalone computer program, and it is therefore not uncommon to have a large number of CGI programs in a CGI managed web-application.
See also Node.js vs. Barracuda App Server
CGI cannot be used in embedded devices if the operating system does not support the process model since CGI is an API, based on passing environment variables from a web-server to an external process. The following comparison therefore applies to using a web-server with operating systems such as embedded Linux and QNX.
Envision that your objective is to create a water container. To meet this criteria the natural selection would be to start with something that may resemble a bucket. When we compare CGI in analogy, the solution provides a starting point which is equivalent to that of a strainer. Consequently, the application developer must spend a considerable effort identifying and sealing all of the holes of this strainer (CGI).
Unfortunately, CGI has no inherent or native security built into its structure, and with its many vulnerabilities, it creates a struggle to maintain such a solution in today's IoT generation of devices. Manufacturers are becoming increasingly aware of these problems, but usually as a casualty of consequence in the daily news rather than the advanced step to negate avoidable liabilities.
CGI is particularly slow in embedded devices with limited CPU since the web server must request the operating system to load, initialize, and execute the external CGI processes. A CGI process is typically loaded, initialized, executed, and terminated by the operating system for each web-page accessed. Starting up the CGI process takes up much more time and memory than the actual work of generating the output. Due to speed issues, web-applications designed using CGI in CPU limited devices will in many cases be too impractical for normal use. The users of the web-application may become impatient and regard the web-application of poor quality.
In Barracuda, web applications are extremely fast as they are part of the server if designed in CSP or loaded into the server at startup if designed in LSP. Additionally, since Barracuda is designed from the ground up for resource constrained devices, web-applications designed using CSP or LSP are generally blinding fast.
Lua Server Pages, or LSP for short, and C/C++ Server Pages, or CSP for short, are technologies that enable you to make dynamic and interactive web pages. LSP is similar to CSP except that LSP does not need to be compiled. Lua is a lightweight functional programming language, designed as a scripting language with extensible semantics as a primary goal.
One can find many discussions online when searching, for example, on Google for CGI versus ASP, or CGI versus PHP, etc. One soon gets a more clear understanding that developing CGI applications are much more cumbersome than more modern alternatives. These discussions are typically related to CGI developed in PERL or other high-level scripting languages. A CGI process developed in the C/C++ language is for obvious reasons much slower to design than to design a CGI script in PERL or any other scripting language. In addition, a CGI C/C++ framework must either be developed or purchased separately. This framework/library must be linked with all CGI programs (pages) developed, and CGI applications for embedded devices become extremely tedious and expensive to develop. CGI processes designed in C/C++ scale poorly, and it can become very expensive to add features and/or change web-applications designed using CGI.
Barracuda, on the other hand, provides a feature rich and easy to use web-framework that CSP and LSP applications can take advantage of. We dare to compare our LSP plug-in in functionality and ease of development with high end application servers such as those that can run ASP .NET web applications.
We often get questions about the size of the Barracuda Embedded Application Server, though customers typically do not think about the size of the web-application, which can easily and rapidly increase in size. A CGI based web-application designed in C/C++ increases in size rapidly as pages are added. Barracuda stores applications designed in LSP as ZIP files, thus considerably reducing the size compared to CGI based web-applications.
Do you still want to use CGI?
We provide a CGI plugin on our GitHub source code repository.
The difference between an application server and web server is explained in the What is an Embedded Application Server tutorial.
CGI can only be used on high level operating systems such as embedded Linux and QNX. Also, CGI cannot be used for modern web development and excludes the use of real time WebSocket communication as shown in the video below.
Our consulting services are your first line of defense when complexities arise in networking, security, or device management. And for those keen to take the reins, our extensive tutorials on embedded web servers and IoT are your perfect companion. With Real Time Logic, expertise meets empowerment. Your vision, our mission.
Expedite your IoT and edge computing development with the "Barracuda App Server Network Library", a compact client/server multi-protocol stack and IoT toolkit with an efficient integrated scripting engine. Includes Industrial Protocols, MQTT client, SMQ broker, WebSocket client & server, REST, AJAX, XML, and more. The Barracuda App Server is a programmable, secure, and intelligent IoT toolkit that fits a wide range of hardware options.
SharkSSL is the smallest, fastest, and best performing embedded TLS stack with optimized ciphers made by Real Time Logic. SharkSSL includes many secure IoT protocols.
SMQ lets developers quickly and inexpensively deliver world-class management functionality for their products. SMQ is an enterprise ready IoT protocol that enables easier control and management of products on a massive scale.
SharkMQTT is a super small secure MQTT client with integrated TLS stack. SharkMQTT easily fits in tiny microcontrollers.
An easy to use OPC UA stack that enables bridging of OPC-UA enabled industrial products with cloud services, IT, and HTML5 user interfaces.
Use our user programmable Edge-Controller as a tool to accelerate development of the next generation industrial edge products and to facilitate rapid IoT and IIoT development.
Learn how to use the Barracuda App Server as your On-Premises IoT Foundation.
The compact Web Server C library is included in the Barracuda App Server protocol suite but can also be used standalone.
The tiny Minnow Server enables modern web server user interfaces to be used as the graphical front end for tiny microcontrollers. Make sure to check out the reference design and the Minnow Server design guide.
Why use FTP when you can use your device as a secure network drive.
PikeHTTP is a compact and secure HTTP client C library that greatly simplifies the design of HTTP/REST style apps in C or C++.
The embedded WebSocket C library lets developers design tiny and secure IoT applications based on the WebSocket protocol.
Send alarms and other notifications from any microcontroller powered product.
The RayCrypto engine is an extremely small and fast embedded crypto library designed specifically for embedded resource-constrained devices.
Real Time Logic's SharkTrust™ service is an automatic Public Key Infrastructure (PKI) solution for products containing an Embedded Web Server.
The Modbus client enables bridging of Modbus enabled industrial products with modern IoT devices and HTML5 powered HMIs.