Http header CR / LF validation

## motivation

Currently `HttpClientRequest` and `HttpServerResponse` don't check wether header name or value contain `\r` or `\n` chars. Of course developers are fully responsible for http headers set and
such incorrect value is likely unintended. Forbidding it prevents HTTP header injection for application that omit to check headers.

## change

throw an `IllegalArgumentException` when a header name or value contains `\r` or `\n` char

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Http header CR / LF validation #2470

motivation

change

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Http header CR / LF validation #2470

Description

motivation

change

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions