The -T is "too late" because, unlike Apache, IIS (and PWS) execute CGI scripts by first looking up the binding for .cgi in its internal scriptmap. The command in the scriptmap is then executed, and the name of the script is passed as an argument. Typically, the scriptmap for .cgi will be .cgi "c:\perl\bin\perl.exe %s %s" So when the CGI script is executed, there's no -T on the command line. The -T in the script header is "too late". One way to fix this is to edit the IIS scriptmap to change the binding to .cgi "c:\perl\bin\perl.exe -T %s %s" This means that all CGI scripts will run with taint checking. Since that might break other scripts, you might instead consider adding a scriptmap entry .cgt "c:\perl\bin\perl.exe -T %s %s"
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>