# CRLF

[A webapp redirect you from http to https? Check for CRLF injection in it. For example : http://example.com/%0d%0aTest:%20Test Make sure to open network tab open on browser. With 301/2 check the header ;) #bugbountytips #CRLFInjection](https://twitter.com/imhaxormad/status/1040136194846154753)

![https://twitter.com/m4ll0k/status/1310439013581549568?s=20](https://1889062997-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbWrDBBrbM1WtGeIKRO%2F-MTebLppB00teMWoC4sd%2F-MTebR5F-3jvZ0JrHxUY%2Fimage.png?alt=media\&token=b8c2b2bd-da80-4d63-a778-94d350c1199e)

![https://twitter.com/jae\_hak99/status/1316359743452049410?s=20](https://1889062997-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbWrDBBrbM1WtGeIKRO%2F-MTeeDMk04CWOMhV3uvO%2F-MTeecOClPpBM5eCzobF%2Fimage.png?alt=media\&token=50779b1b-e486-4bee-8aae-6d9b667aa31c)

{% embed url="<https://twitter.com/dwisiswant0/status/1307330215211794433>" %}