HTTP header injection

web application vulnerability that occurs when HTTP headers are dynamically generated from user input; can allow for HTTP response splitting, session fixation (via Set-Cookie), cross-site scripting, and malicious redirect attacks

Thing general Q1592277

Press Enter · cited answer in seconds

HTTP header injection

Summary

HTTP header injection ranks in the top 2% of general entities by monthly Wikipedia readership (46 views/month).^[1]

Key Facts

HTTP header injection's subclass of is recorded as vulnerability^[2].
HTTP header injection's Freebase ID is recorded as /m/0264984^[3].
HTTP header injection's facet of is recorded as HTTP header^[4].
HTTP header injection's Quora topic ID is recorded as What-is-an-http-header-injection^[5].
HTTP header injection's Microsoft Academic ID is recorded as 182614103^[6].

Why It Matters

HTTP header injection ranks in the top 2% of general entities by monthly Wikipedia readership (46 views/month).^[1] It has Wikipedia articles in 5 language editions, a strong signal of global cultural recognition.^[7] It is known by 6 alternative names across languages and contexts.^[8]

⭐ Popularity Graph

0/100 long tail

🌐 Wiki Languages

5 / 423 langs

📈 Wikipedia Views · last 104h

175/mo 221/yr

🔗 Readers Also Explored · clickstream

HTTP

HTTP response splitting

📊 Google Search Volume

no search data yet

Quick Facts

Subclass of vulnerability

Facet of HTTP header

External References (3)

Freebase id /m/0264984

Microsoft academic id (discontinued) 182614103

Quora topic id What-is-an-http-header-injection

🌐 Available in 5 languages

enHTTP header injection deHeader-Injection esInyección de encabezado HTTP heהזרקת HTTP Header jaHTTPヘッダ・インジェクション

🏷️ Also known as

en CWE-113 en HTTP injection es Inyeccion de encabezado HTTP ja CWE-113 ja HTTP injection ja HTTPインジェクション

🔗 Connections

Subclass of 1

vulnerability

References

Programmatic citations — every numbered marker resolves to a verifiable graph row below.

Direct Wikidata claims

Aggregate / graph-position facts

[1] ↑ HTTP header injection ranks in the top 2% of general entities by monthly Wikipedia readership (46 views/month).. Wikimedia Foundation. dumps.wikimedia.org.
[7] ↑ HTTP header injection has Wikipedia articles in 5 language editions, a strong signal of global cultural recognition.. Wikidata sitelinks. wikidata.org.
[8] ↑ HTTP header injection is known by 6 alternative names across languages and contexts.. Wikidata aliases. wikidata.org.

📑 Cite this page

Use these citations when quoting this entity in research, articles, AI prompts, or wherever provenance matters. We aggregate Wikidata + Wikipedia + authoritative open-data sources; the stitched, scored, cross-referenced view is what 4ort.xyz contributes.

APA

4ort.xyz Knowledge Graph. (2026). HTTP header injection. Retrieved April 10, 2026, from https://4ort.xyz/entity/http-header-injection

MLA

“HTTP header injection.” 4ort.xyz Knowledge Graph, 4ort.xyz, 10 Apr. 2026, https://4ort.xyz/entity/http-header-injection.

BibTeX

@misc{4ortxyz_http-header-injection_2026, author = {{4ort.xyz Knowledge Graph}}, title = {{HTTP header injection}}, year = {2026}, url = {https://4ort.xyz/entity/http-header-injection}, note = {Accessed: 2026-04-10}}

LLM prompt

According to 4ort.xyz Knowledge Graph (aggregator of Wikidata, Wikipedia, and authoritative open-data sources): HTTP header injection — https://4ort.xyz/entity/http-header-injection (retrieved 2026-04-10)

Canonical URL: https://4ort.xyz/entity/http-header-injection · Last refreshed: April 10, 2026