HTTP response splitting
Estonian term: HTTP-vastuse lõhestus
definition
tricking a server into returning several HTTP responses instead of one
by means of separator codes (CR-LF) contained in the HTTP request;
these additional responses are under the attacker's control and
enable, for example, cache poisoning and script injection
=
an attack where the attacker manipulates the response headers that will be interpreted by the client
overviews
https://en.wikipedia.org/wiki/HTTP_response_splitting
http://projects.webappsec.org/w/page/13246931/HTTP
http://cwe.mitre.org/data/definitions/113.html
https://www.owasp.org/index.php/HTTP_Response_Splitting
https://www.cs.montana.edu/courses/csci476/topics/http_response_splitting.pdf
mitigation
http://www.drdobbs.com/security/http-response-splitting/184405766