Simon Willison’s Weblog

1 item tagged “responsesplitting”

2008

Response Splitting Risk. Important reminder that you should always ensure strings used in HTTP headers don’t contain newlines. # 19th October 2008, 11:58 pm