Actually, found out that this is a defect in IIS and the way to get around it was to rename the file prepending it with "nph-" which tells IIS to not parse the headers and just use the headers that are sent as is. Then I could send both the cookie and location headers at the same time.
print $cgi->header(-status => "302 (Found) Moved Temporarily",
-cookie => $cookie,
-location => $location,
-type => "text/html",
-nph => 1);
Thank you,
Swapna.
