IIS doesn't respect the #! line, so one would normally have to edit the association for Perl CGI to all run in taint mode (using the -T switch). However, this can break other people's code. Thanks to diotalevi, there is a way to turn on Taint checking for one particular script, at a slight performance cost:

BEGIN { unless ( ${^TAINT} ) { exec $^X, '-T', $0 } }
[download]

Placed as the very first line in the script (even before you 'use' anything), this will re-call the Perl interpreter on one's script, and even preserves the CGI parameters in the process. There is a small hit on speed, as the interpreter loads twice, but the hit is better than running without tainting.

Of course, the real solution is to use a better-equipped web server; but as that's not always an option...

Originally posted as a Categorized Question.