Simon Willison’s Weblog

19th October 2008 - Link Blog

Response Splitting Risk. Important reminder that you should always ensure strings used in HTTP headers don’t contain newlines.

Posted 19th October 2008 at 11:58 pm

Recent articles

Can coding agents relicense open source through a “clean room” implementation of code? - 5th March 2026
Something is afoot in the land of Qwen - 4th March 2026
I vibe coded my dream macOS presentation app - 25th February 2026

This is a link post by Simon Willison, posted on 19th October 2008.

http 101 rails 75 responsesplitting 1 security 578

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe