Simon Willison’s Weblog

19th October 2008 - Link Blog

Response Splitting Risk. Important reminder that you should always ensure strings used in HTTP headers don’t contain newlines.

Posted 19th October 2008 at 11:58 pm

Recent articles

I think Anthropic and OpenAI have found product-market fit - 27th May 2026
Notes on Pope Leo XIV's encyclical on AI - 25th May 2026
Datasette Agent - 21st May 2026

This is a link post by Simon Willison, posted on 19th October 2008.

http 124 rails 110 responsesplitting 1 security 606

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe