Chromatic's book Modern Perl Programming (2011) is a free download. It's a good refresher/updater for people who already have some experience with Perl, like me whose copy of the Camel Book is a 1996 edition.
I was getting an unexplained, unlogged 500 internal server error response for a perl Hello World script.
#!/usr/bin/perl print "Content-type: text/html\n\n<p>Hello World</p>\n";
This was especially odd because I have a perl program running elsewhere on the same server. After comparing .htaccess settings and triple-checking my Content-type syntax, I found the apparent cause: the server requires either the -w (warnings) or the -T (taint checks) flag be turned on.
I was unable to determine which setting causes this. mod_perl's PerlSwitches can force all scripts to be run with -wT turned on, but I could find no setting to refuse to run scripts which lack either flag.
For a description of taint mode, read perlsec.
.My website will have a directory where I do not want CGIs to run. The obvious and wrong answer is to create an .htaccess file with "Options -ExecCGI", but that causes the errors "Access forbidden!" and "Options ExecCGI is off" when I try to access a .pl file. For the next obvious and wrong solution, I tried renaming the file to ".pl.txt". That did not work.
Given that I would like to serve .pl files as plain text, I tried "AddType text/plain .pl". RemoveType also does not work; note that the docs say that this is what you use for this case. RewriteRule \.pl$ - [T=text/plain] did not work; note, again, the docs say it should.
What did work was to add "RemoveHandler .pl".
