This documentation is for WSO2 Identity Server 5.1.0 . View documentation for the latest release.
Identity Server 5.1.0

Versions Compared

Old Version 6

changes.mady.by.user Sherene Mahanama

Saved on

compared with

New Version Current

changes.mady.by.user Praneesha Chandrasiri

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Carraige Return Line Feed (CRLF) attacks are also known as HTTP Response Splitting. The carriage return can be represented as CR, ASCII 13 10 or /r which feeds out one line, and line feed as LF, ASCII 10 13 or /n which starts a new line. If an attacker injects a malicious CRLF sequence into an HTTP stream when a user manages to submit a CRLF into an application, the attacker will gain malicious control on the way a web application functions.

...

The CRLF Filter sanitizes CR & LF characters in response headers and appenders to sanitize them in logging messages.

Configuring the CSRF Filter

...