what characters are allowed in HTTP header values?

http-headers http

Solution 1:

RFC 2616 is obsolete, the relevant part has been replaced by RFC 7230.

The NUL octet is no longer allowed in comment and quoted-string text, and handling of backslash-escaping in them has been clarified. The quoted-pair rule no longer allows escaping control characters other than HTAB. Non-US-ASCII content in header fields and the reason phrase has been obsoleted and made opaque (the TEXT rule was removed). (Section 3.2.6)

In essence, RFC 2616 defaulted to ISO-8859-1, and this was both insufficient and not interoperable anyway. Thus, RFC 7230 has deprecated non-ASCII octets in field values. The recommendation is to use an escaping mechanism on top of that (such as defined in RFC 8187, or plain URI-percent-encoding).

Related

Why does this small Java program make MacOS restart?
How to unit test your API?
Cookies with and without the Domain Specified (browser inconsistency)
Problems displaying PDF in iFrame on Mobile Safari
Apple Maps, Raster Overlays Above Labels - Failed to decode
Strategy for developing namespaced and non-namespaced versions of same PHP code
C# Decimal.Epsilon
Loop Over Array in Javascript [duplicate]
Generating a tower defense maze (longest maze with limited walls) - near-optimal heuristic?
The POM for project is missing, no dependency information available
save html output of page after execution of the page's javascript
Game network physics collision