Or, since you're using CGI.pm already to parse your form variables (of course you are, right!?), you can just use its escapeHTML function, too:
use CGI;
my $q=CGI->new();
$file_loc="$sorc";
$whattoread = fopen($file_loc, "r");
$file_contents=fread($whattoread, filesize($file_loc));
fclose($whattoread);
print $q->header();
print $q->pre($q->escapeHTML($file_contents));
which allows you to display your HTML very reliably, without IE idiotically second-guessing your mime-types. Plus, you can wrap this in whatever real HTML you like.
HTH
-Any sufficiently advanced technology is indistinguishable from doubletalk. |