HTTP response splitting? How-to prevent them in J2EE/Web applications ?
Couple of days ago, I received the above question from one of our readers. Although I briefly responded to him over email, I really wanted to explore the known traits for defending this vulnerability : HTTP response splitting is a Web application input validation vulnerability that allows to exploit the HTTP headers of a Web application for initiating attacks leading… Read more »