This originally came in as a security report (http://b/502454734 internally). However, exploiting this is implausible.
Therefore, this issue has been classified as security hardening effort.
When writing net/http.Request, its trailer headers are not validated and might contain control characters.
This originally came in as a security report (http://b/502454734 internally). However, exploiting this is implausible.
Therefore, this issue has been classified as security hardening effort.
When writing
net/http.Request, its trailer headers are not validated and might contain control characters.