Nextcloud: Response Header injection using redirect_uri together with PHP that utilizes Header Folding according to RFC1945 and Internet Explorer 11

Hi, I noticed that the redirecturi used to redirect users to any location on the page, passes in all data into a header"Location.. without any validation. The problem is that PHP current PHP-versions of Debian/Ubuntu, there seem to be a patch properly in place in other dists actually built the...