From 224b9a397841a75ba76b13682666cf721a331db7 Mon Sep 17 00:00:00 2001
From: sajad <rahimisajad@outlook.com>
Date: Sun, 19 Oct 2025 12:52:09 +0330
Subject: [PATCH 1/2] check invalid characters in header field-name

---
 src/http/ngx_http_parse.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
index a45c04554..1e5096524 100644
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -959,7 +959,17 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
                 break;
             }
 
-            if (ch <= 0x20 || ch == 0x7f) {
+            if (ch <= 0x20
+                || ch == 0x22
+                || ch == 0x28
+                || ch == 0x29
+                || ch == 0x2c
+                || ch == 0x2f
+                || (ch >= 0x3b && ch <= 0x40)
+                || (ch >= 0x5b && ch <= 0x5d)
+                || ch == 0x7b
+                || ch == 0x7d
+                ) {
                 r->header_end = p;
                 return NGX_HTTP_PARSE_INVALID_HEADER;
             }

From c9a51bc48a2b4988e14f10cd67fdf74bcfbde303 Mon Sep 17 00:00:00 2001
From: sajad <rahimisajad@outlook.com>
Date: Sun, 19 Oct 2025 12:55:52 +0330
Subject: [PATCH 2/2] fix formatting

---
 src/http/ngx_http_parse.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
index 1e5096524..408f6f745 100644
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -968,8 +968,8 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
                 || (ch >= 0x3b && ch <= 0x40)
                 || (ch >= 0x5b && ch <= 0x5d)
                 || ch == 0x7b
-                || ch == 0x7d
-                ) {
+                || ch == 0x7d)
+            {
                 r->header_end = p;
                 return NGX_HTTP_PARSE_INVALID_HEADER;
             }