An attacker injects content into a server response that is interpreted
						differently by intermediaries than it is by the target browser. To do this,
						it takes advantage of inconsistent or incorrect interpretations of the HTTP
						protocol by various applications. For example, it might use different block
						terminating characters (CR or LF alone), adding duplicate header fields that
						browsers interpret as belonging to separate responses, or other techniques.
						Consequences of this attack can include response-splitting, cross-site
						scripting, apparent defacement of targeted sites, cache poisoning, or
						similar actions.