-
Asad Sajjad Ahmed authoredWe should apply the same restrictions on the list of allowed characters inside H/2 pseudo-headers as we do for H/1. This error is translated into the headers we send to a backend over H/1. Failure to do so could permit various exploits against a backend not handling malformed H/1 requests. Signed-off-by:
Asad Sajjad Ahmed <asadsa@varnish-software.com>67c08c7c