HTTP response splitting

Amit Klein, Steve Orrin

Research output: Contribution to specialist publicationArticle


The HTTP response splitting, which is a new attack technique with a large impact on various web environments is discussed. HTTP response splitting enables various attacks such as web cache poisoning, cross-user defacement, page hijacking of user information, and cross-site scripting (XSS). HTTP response splitting attack involves the web server, the target, which interacts with the web server, and the attacker who initiates the attack. The HTTP technique is can only be applied to applications that do not validate their input before embedding it into HTTP response header.

Original languageAmerican English
Number of pages3
Specialist publicationDr. Dobb's Journal
StatePublished - Aug 2004
Externally publishedYes


Dive into the research topics of 'HTTP response splitting'. Together they form a unique fingerprint.

Cite this