http://simonwillison.net/2008-10-19T23:58:16+00:00Simon Willison2008-10-19T23:58:16+00:002008-10-19T23:58:16+00:00https://simonwillison.net/2008/Oct/19/riding/#atom-tag

<p><strong><a href="http://weblog.rubyonrails.org/2008/10/19/response-splitting-risk">Response Splitting Risk</a></strong></p> Important reminder that you should always ensure strings used in HTTP headers don’t contain newlines. <p>Tags: <a href="https://simonwillison.net/tags/http">http</a>, <a href="https://simonwillison.net/tags/rails">rails</a>, <a href="https://simonwillison.net/tags/responsesplitting">responsesplitting</a>, <a href="https://simonwillison.net/tags/security">security</a></p>