Why do HTTP servers forbid underscores in HTTP header names

apache http nginx rfc
35,694

Solution 1

They are not forbidden, it's CGI legacy. See "Missing (disappearing) HTTP Headers".

If you do not explicitly set underscores_in_headers on;, nginx will silently drop HTTP headers with underscores (which are perfectly valid according to the HTTP standard). This is done in order to prevent ambiguities when mapping headers to CGI variables, as both dashes and underscores are mapped to underscores during that process.

Solution 2

Underscores in header fields are allowed per RFC 7230, sec. 3.2., but are uncommon.

Share:
35,694
white
Author by

white

Updated on July 08, 2022

Comments

  • white
    white almost 2 years

    I had a problem with a custom HTTP SESSION_ID header not being transfered by nginx proxy.

    I was told that underscores are prohibited according to the HTTP RFC.

    Searching, I found that most servers like Apache or nginx define them as illegal in RFC2616 section 4.2, which says:

    follow the same generic format as that given in Section 3.1 of RFC 822 [9]

    RFC822 says:

    The field-name must be composed of printable ASCII characters (i.e., characters that have values between 33. and 126., decimal, except colon)

    Underscore is decimal character 95 in the ASCII table in the 33-126 range.

    What am I missing?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Dart http.MultipartRequest not sending data to Lumen after relocating server to a different apache server, Postman works fine
java.lang.IllegalArgumentException: Host name may not be null, while firing a get request
RewriteRule not working
HTTP 500 Internal Server error when uploading files
nginx auth_basic "Restricted" prompting login on every request
How to handle "OPTIONS *" request in nginx?
How to isolate the HTTP headers/body from a PHP Sockets request
HTTP SSL Proxy with Java Apache HttpClient
Can't Access SOAP Web Service Over HTTPS
nginx and proxy_pass - send Connection: close headers