Talk:HTTP Response Splitting
From OWASP
I think the example code isn't actually vulnerable. The libraries appear to automatically escape the input.
- This page was last modified on 16 November 2010, at 12:26.
- Content is available under Creative Commons Attribution-ShareAlike unless otherwise noted.
- Open Web Application Security Project, OWASP, Global AppSec, AppSec Days, AppSec California, SnowFROC, LASCON, and the OWASP logo are trademarks of the OWASP Foundation.