Using CRLF to terminate response headers allows a server to get away with the following response: 10 This META is more than one line long\n I bet your client can't handle this\n The end\r\n I propose that response headers should be LF-terminated lines. This would remove this loophole, but should also be a backwards-compatible change as the last CR could be ignored.