ATS accepts and forwards header names containing the following characters, all of which RFC 9110 does not permit in header names:
\t, `,",(,),,,/,;,<,=,>,?,@,[,\,],{,}, and the entire range from\x80to\xff`.
Of particular note is that ATS forwards \x85 and \xa0, because these characters are stripped by python's str.strip, and are therefore stripped from headers in a certain buggy HTTP server of which I am aware. This is essentially the same issue as the one fixed by https://github.com/apache/trafficserver/pull/3192, but affects only servers that treat \x85 and \xa0 as whitespace.
ATS accepts and forwards header names containing the following characters, all of which RFC 9110 does not permit in header names:
\t
,`,
",
(,
),
,,
/,
;,
<,
=,
>,
?,
@,
[,
\,
],
{,
}, and the entire range from
\x80to
\xff`.Of particular note is that ATS forwards
\x85
and\xa0
, because these characters are stripped by python'sstr.strip
, and are therefore stripped from headers in a certain buggy HTTP server of which I am aware. This is essentially the same issue as the one fixed by https://github.com/apache/trafficserver/pull/3192, but affects only servers that treat\x85
and\xa0
as whitespace.