I generally do 'delete' buttons like this - irrespective of what generation method one uses (CGI.pm, HERE docs etc.), the html comes out as...

<input type='submit' name='delete_skills' value='Delete'
  onclick="return confirm('Are you sure?');">
[download]

A 'No' click cancels the submission.

As others have said though, Javascript should be a 'nice extra'. In 'friendly' apps, I generally check for JS support when logging users in - $q->submit({-name=>'login',-onclick=>"document.forms[0].got_javascript=1;"}) or similar - and store this in their session / cookie / whatever. Later, this can be checked to see if a confirmation stage is necessary.

Of course, in 'critical' apps (or ones where 9 out of 10 pet-owners said their computers preferred anything but MSIE, and F12 is all you need to switch JS on/off), as again stated above, one should never rely on it.

Cheers
Ben.