I’ve fielded a whole lot of questions about Perl CGI scripts over the past month or so, largely from webmasters or designers who don’t know a darn thing about Perl but want the functionality that CGI scripts (or something akin to them) would bring to their site. Problem: a large majority of scripts in common use are insecure. Those freely available scripts from Matt’s Script Archive are not to be used, folks.

Finding CGI Scripts addresses this very problem, offering suggestions for finding secure scripts and finishing up by pointing to nms. nms is a project started by the London Perl Mongers to create secure, well-written drop-in replacements for popular CGI scripts. I’ve been recommending these to everyone who asks. Good stuff. The only problem that I’ve noticed is a distinct Unix bias, so some couldn’t be used on a Windows server without modification. That’s not insurmountable, though.