I might as well also comment on an interesting article I read in Dr Dobb's on the weekend -- HTTP response splitting. The idea is that if you can inject URLEncoded newlines into an HTTP response, you can fake the client into believing it's getting responses it's not. It's a standard abnormal-command-termination hack (like putting
');[arbitrary SQL here]
in your username field in a web app, and having the app execute the SQL for you), but it's interesting.
Certainly an input-validation thing the webapp I work on doesn't do.