This document discusses various techniques for HTTP response splitting and cache poisoning attacks. It provides examples of exploiting HTTP response splitting vulnerabilities to inject additional headers and responses. It also covers ways to poison caches by manipulating headers like Content-Length and Last-Modified to influence caching behavior. The document examines defenses implemented in modern browsers and web servers as well as mitigation techniques. It raises questions about the potential for these attacks to impact other protocols beyond HTTP.