diff --git a/tests/test_descriptors.py b/tests/test_descriptors.py
index 7bf229f5..eb3d3161 100644
--- a/tests/test_descriptors.py
+++ b/tests/test_descriptors.py
@@ -155,6 +155,14 @@ def test_header_getter_fset_text():
     desc.fset(resp, text_('avalue'))
     eq_(desc.fget(resp), 'avalue')
 
+def test_header_getter_fset_text_control_chars():
+    from webob.compat import text_
+    from webob.descriptors import header_getter
+    from webob import Response
+    resp = Response('aresp')
+    desc = header_getter('AHEADER', '14.3')
+    assert_raises(ValueError, desc.fset, resp, text_('\n'))
+
 def test_header_getter_fdel():
     from webob.descriptors import header_getter
     from webob import Response
diff --git a/tests/test_exc.py b/tests/test_exc.py
index 4f7c2386..dcb1fed0 100644
--- a/tests/test_exc.py
+++ b/tests/test_exc.py
@@ -259,6 +259,17 @@ def start_response(status, headers, exc_info=None):
     m = webob_exc._HTTPMove(location='http://example.com')
     assert_equal( m( environ, start_response ), [] )
 
+def test_HTTPMove_location_newlines():
+    environ = {
+        'wsgi.url_scheme': 'HTTP',
+        'SERVER_NAME': 'localhost',
+        'SERVER_PORT': '80',
+        'REQUEST_METHOD': 'HEAD',
+        'PATH_INFO': '/',
+    }
+    assert_raises(ValueError, webob_exc._HTTPMove,
+                  location='http://example.com\r\nX-Test: false')
+
 def test_HTTPMove_add_slash_and_location():
     def start_response(status, headers, exc_info=None):
         pass
diff --git a/webob/descriptors.py b/webob/descriptors.py
index 505a2b63..5fd26eb1 100644
--- a/webob/descriptors.py
+++ b/webob/descriptors.py
@@ -138,6 +138,9 @@ def fget(r):
     def fset(r, value):
         fdel(r)
         if value is not None:
+            if '\n' in value or '\r' in value:
+                raise ValueError('Header value may not contain control characters')
+
             if isinstance(value, text_type) and not PY3:
                 value = value.encode('latin-1')
             r._headerlist.append((header, value))
diff --git a/webob/exc.py b/webob/exc.py
index a67a867b..57a81b59 100644
--- a/webob/exc.py
+++ b/webob/exc.py
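Review bot: The new test pins only a bare LF, while the guard it covers in descriptors.py also rejects a bare CR; pinning that case separately keeps a later rewrite that checks only '\n' from passing the suite, e.g. `assert_raises(ValueError, desc.fset, resp, text_('\r'))`. A companion assertion that a value containing no line terminator is still accepted would document the boundary rather than just the rejection. `assert_raises` is not imported in the hunk, so it is assumed to come from the file's existing imports at the top of the file.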
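Review bot: `environ` is built on the added lines but never used, since `_HTTPMove` is expected to raise at construction before any WSGI call is made; the dict is dead code and should be dropped, or used in a companion assertion that the well-formed `location` case still produces a response. This is also the only place a CR LF pair is exercised; the descriptor test in test_descriptors.py covers a bare LF, so the two tests together cover the sequences the new guards reject. `assert_raises` is assumed to be imported at file top, outside the hunk.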
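Review bot: The new guard runs after `fdel(r)` has already removed any existing header, so a rejected value leaves the response without the header it had before the call instead of leaving it unchanged; moving the check above `fdel(r)` keeps the setter atomic: `if value is not None and ('\n' in value or '\r' in value):` / `    raise ValueError('Header value may not contain control characters')` / `fdel(r)`. The message says "control characters" but only CR and LF are tested; either name them in the message or widen the check if the broader rejection is the intent. On Python 3 the `in` test raises TypeError rather than ValueError if a bytes value is ever passed, so a comment such as `# value is expected to be text here; bytes would fail the membership test` would make the assumption explicit. `fset` is nested inside `header_getter`, whose body starts outside the hunk.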
@@ -481,6 +481,9 @@ def __init__(self, detail=None, headers=None, comment=None,
             detail=detail, headers=headers, comment=comment,
             body_template=body_template)
         if location is not None:
+            if '\n' in location or '\r' in location:
+                raise ValueError('Control characters are not allowed in location')
+
             self.location = location
         if add_slash:
             raise TypeError(
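Review bot: The error wording differs from the equivalent guard added in descriptors.py (`'Header value may not contain control characters'` versus `'Control characters are not allowed in location'`), and again only CR and LF are tested under a message that says "control characters"; a consistent message across the two sites would help callers that catch ValueError from either path. If `self.location` is the `header_getter`-backed descriptor inherited from Response, that descriptor's own guard already rejects the same input and this check is a defensive duplicate, which a one-line comment such as `# rejected before assignment so a bad Location never reaches the header list` would record. `__init__` starts before the hunk, so the parameter handling for `location` is not visible here.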