commit 754038a06ffdc127d4e20388aa5764cee271353f
author Maxim Dounin <mdounin@mdounin.ru> Mon Jun 28 18:01:15 2021 +0300
committer Maxim Dounin <mdounin@mdounin.ru> Mon Jun 28 18:01:15 2021 +0300
tree 803480ff45b075b82aadc1dbaff377d5f7397ea2
parent 6505e352f27d73eccc70d1a70e275360e12f589f

Disabled control characters in URIs.

Control characters (0x00-0x1f, 0x7f) were never allowed in URIs, and must
be percent-encoded by clients.  Further, these are not believed to appear
in practice.  On the other hand, passing such characters might make various
attacks possible or easier, despite the fact that currently allowed control
characters are not significant for HTTP request parsing.