We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Hi,
redirect() doesn't filter "\r\n" which leads to CRLF attack.
redirect()
For example, I use redirect("233\r\nSet-Cookie: name=salt") can set a new cookie in the client side.
redirect("233\r\nSet-Cookie: name=salt")
:P