https://cloudutsuk.com/posts/cybersecurity/owasp/http-header-injection-attack-via-payload/