The HTTP/2 implementation applies stricter handling of invalid characters in HTTP header names and values than the HTTP/1 implementation.

    Header field names are case-insensitive and are transmitted over the wire strictly as lower-case strings. The API provided by Node.js allows header names to be set as mixed-case strings (e.g. Content-Type) but will convert those to lower-case (e.g. content-type) upon transmission.

    Header field-names must only contain one or more of the following ASCII characters: a-z, A-Z, 0-9, !, #, $, %, &, ', *, +, -, ., ^, _, ` (backtick), |, and ~.

    Using invalid characters within an HTTP header field name will cause the stream to be closed with a protocol error being reported.

    Header field values are handled with more leniency but should not contain new-line or carriage return characters and should be limited to US-ASCII characters, per the requirements of the HTTP specification.