Revision 0e75b2f2

Added by mame (Yusuke Endoh) over 2 years ago

[ruby/cgi] Prevent CRLF injection

Throw a RuntimeError if the HTTP response header contains CR or LF to
prevent HTTP response splitting.

https://hackerone.com/reports/1204695

https://github.com/ruby/cgi/commit/64c5045c0a
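
The check the commit message describes, shown as an added example that is not the ruby/cgi code: a header builder that copies values through unchecked, next to one that raises RuntimeError when a name or value contains CR or LF. The helper names and the sample header fields are constructed for illustration.

```ruby
# Added example, not taken from ruby/cgi. All names here are hypothetical.
EOL = "\r\n"

# Constructed sample: a header value that came from untrusted input and
# carries an embedded CRLF followed by an extra header line.
TAINTED = {
  "Content-Type" => "text/html",
  "Location"     => "/home\r\nX-Injected: 1"
}.freeze

# Unchecked form: values are copied into the header block as-is, so an
# embedded CRLF ends the current field and starts a new one.
def build_header_unchecked(fields)
  fields.map { |name, value| "#{name}: #{value}#{EOL}" }.join + EOL
end

# Checked form: refuse to emit anything if a name or value contains CR or LF.
# A bare `raise "..."` raises RuntimeError, the error class the commit names.
def build_header_checked(fields)
  fields.each do |name, value|
    [name, value].each do |part|
      if part.to_s.match?(/[\r\n]/)
        raise "header field contains CR or LF: #{part.to_s.inspect}"
      end
    end
  end
  build_header_unchecked(fields)
end

# Split a header block into the field lines a receiving parser would see.
def header_lines(block)
  block.split(EOL + EOL, 2).first.split(EOL)
end

if $PROGRAM_NAME == __FILE__
  puts "unchecked: #{header_lines(build_header_unchecked(TAINTED)).inspect}"
  begin
    build_header_checked(TAINTED)
  rescue RuntimeError => e
    puts "checked:   rejected (#{e.message})"
  end
end
```

Two fields go in, but the unchecked builder emits three header lines; the checked builder stops before any output is produced.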