HTTP response splitting is a form of web application vulnerability, resulting from the failure of the application or its environment to properly sanitize input values. It can be used to perform cross-site scripting attacks, cross-user defacement, web cache poisoning, and similar exploits. The attack consists of making the server print a carriage return (CR, ASCII 0x0D) line feed (LF, ASCII 0x0A) s
![HTTP response splitting - Wikipedia](https://cdn-ak-scissors.b.st-hatena.com/image/square/6ba77661b910901061f8e6c7bff84f5694215947/height=288;version=1;width=512/https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2F5%2F5b%2FHTTP_logo.svg%2F1200px-HTTP_logo.svg.png)