Description
Congratulations on the Go 1.6 release! With the new release of Go, a behavior has been introduced that cannot be disabled and causes some of my HTTP requests to fail:
Researching further, I do see that there is an RFC dealing with whitespace in headers. Specifically section 3.2.3 of this document: https://tools.ietf.org/html/rfc7230.
However, this change has seemingly introduced backwards incompatibility with software that I have written against go1.5.3. Specifically, software that is using the same authentication mechanism as the 11.x
release of the Chef server.
In their authentication mechanism, they have a header called Hashed Path
which is used as part of the authentication and verification of the request. Without this header, the requests fail. I'm not only writing a client that must use this authentication mechanism, but also a server that consumes requests that match this spec.
While I agree that enforcement of the RFC is important, there is no way to guarantee people are not in violation of the RFC due to its fairly recent inception. I'm not asking for the feature to be removed, but wonder if there is a way we could toggle this option for an *http.Server
.