From ea18125693f42b0474afd7cd5030cc8a69357b25 Mon Sep 17 00:00:00 2001
From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com>
Date: Mon, 28 Apr 2025 00:27:00 +0000
Subject: [PATCH] Introduced protections against HTTP header injection / smuggling attacks
---
 .../SPDF/config/security/UserBasedRateLimitingFilter.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/java/stirling/software/SPDF/config/security/UserBasedRateLimitingFilter.java b/src/main/java/stirling/software/SPDF/config/security/UserBasedRateLimitingFilter.java
index 5ca7df214..1c8ea0e03 100644
--- a/src/main/java/stirling/software/SPDF/config/security/UserBasedRateLimitingFilter.java
+++ b/src/main/java/stirling/software/SPDF/config/security/UserBasedRateLimitingFilter.java
@@ -121,7 +121,7 @@ public class UserBasedRateLimitingFilter extends OncePerRequestFilter {
 if (probe.isConsumed()) {
 response.setHeader(
 "X-Rate-Limit-Remaining",
- stripNewlines(Newlines.stripAll(Long.toString(probe.getRemainingTokens()))));
+ Newlines.stripAll(stripNewlines(Newlines.stripAll(Long.toString(probe.getRemainingTokens())))));
 filterChain.doFilter(request, response);
 } else {
 long waitForRefill = probe.getNanosToWaitForRefill() / 1_000_000_000;
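Review bot: The added outer `Newlines.stripAll(...)` on the `X-Rate-Limit-Remaining` value is a no-op. Its argument is `Long.toString(probe.getRemainingTokens())`, which can only yield an optional minus sign and decimal digits, and it was already passed through `Newlines.stripAll` and `stripNewlines` before this change. As far as the hunk shows, no request-derived string reaches this header, so the commit adds no protection against header injection; the triple wrapping looks like an automated fix being re-applied to its own output. I would reduce the call to `response.setHeader("X-Rate-Limit-Remaining", Long.toString(probe.getRemainingTokens()));` and keep newline stripping for header values that carry caller-controlled text. The enclosing method starts and ends outside the hunk, so other `setHeader` calls, such as any in the `else` branch, should be checked separately.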