Please do not use the HTML hack for redirect if you're generating the entire response anyway. The HTML hack is merely for those (hopefully rare) situations where only the content of a page is accessible to the content provider. In a CGI situation, this is clearly not the case.

I'd suggest studying the redirect method of the CGI module.

And yes, I'd fail your code in a code review because of that. Red flagged, not permitted to be deployed.

-- Randal L. Schwartz, Perl hacker