Well fundamentally, if you send users a URL with some sensitive information, they will be able to see it one way or the other. Can't you get the content to your perl script and print it directly to the client?