So... assuming this is actually perl, and not something else using PCREs, then this actually seems to work:

my $string = "a_sample_string";
$string =~ m/(?{ tr|_| | })(.*)/;
print $1;
[download]

That said, this is terribly fragile and dangerous. I wouldn't actually do that. You are essentially reaching out from the inside regex and altering the match variable before trying to match. It does manage to meet your criterion, though.

Update: Remember that this is actually a destructive match, though... you aren't just returning $1, but also altering the match input, wherever that comes from. This will fail if the match input is immutable.

This won't work if the perl code on the back end works like this:

my $string = "a_sample_string";
my $re = q[(?{ tr|_| | })(.*)]; 
# or my $re = some CGI parameter extraction
$string =~ m/$re/;
print $1;
[download]

Which is, you must admit much more likely than forming a string and passing it to eval (but some people do some amazingly unsecure things). Of course, if they pass it through the qr operator, we're back in business. (I assume they aren't using the obviously insecure use re 'eval';)

The lesson here for anyone writing CGI scripts that do regexp manipulation is this:
Using qr allows regexps to execute arbitrary code. DO NOT take arbitrary user input and feed it to qr unless you mean to allow arbitrary code execution.

--
@/=map{[/./g]}qw/.h_nJ Xapou cets krht ele_ r_ra/;
map{y/X_/\n /;print}map{pop@$_}@/for@/
[download]