Setting $CGI::POST_MAX to 102400 is approx 102,400 characters minus some overhead. This is more of a DoS Attack counter measure.

Limiting in the HTML form is the least secure way to limit data. It is easy to subvert using something like LWP.

You can go a little further and limit using substr in your script:

#!/usr/bin/perl -w

use strict;

my $long_string = "Long String";

print $long_string . "\n";

#  limit string to 3 characters in length
$long_string = substr($long_string, 0, 3);

print $long_string . "\n";
[download]