HTTP Header Injection

HTTP header injection is a general class of web application security vulnerability which occurs when Hypertext Transfer Protocol (HTTP) headers are dynamically generated based on user input.  Generally, there are three types of common attacks: HTTP Response Splitting, HTTP Response Smuggling, and HTTP Request Smuggling.

HTTP Response Splitting

ASP.net Related

Defense Measures

Resources