* Check if the given string is suitable to be used as an HTTP header value. * * @param value The value to check for validity * @return true if the argument is a valid header value, false otherwise */
| 153 | * @return true if the argument is a valid header value, false otherwise |
| 154 | */ |
| 155 | bool HttpUtility::IsValidHeaderValue(std::string_view value) |
| 156 | { |
| 157 | /* |
| 158 | * Derived from the following syntax definition in RFC9110: |
| 159 | * |
| 160 | * field-value = *field-content |
| 161 | * field-content = field-vchar [ 1*( SP / HTAB / field-vchar ) field-vchar ] |
| 162 | * field-vchar = VCHAR / obs-text |
| 163 | * obs-text = %x80-FF |
| 164 | * VCHAR = %x21-7E ; visible (printing) characters |
| 165 | * |
| 166 | * References: |
| 167 | * - https://datatracker.ietf.org/doc/html/rfc9110#section-5.5 |
| 168 | * - https://datatracker.ietf.org/doc/html/rfc9110#appendix-A |
| 169 | * - https://www.rfc-editor.org/rfc/rfc5234#appendix-B.1 |
| 170 | */ |
| 171 | |
| 172 | if (!value.empty()) { |
| 173 | // Must not start or end with space or tab. |
| 174 | for (char c : {value.front(), value.back()}) { |
| 175 | if (c == ' ' || c == '\t') { |
| 176 | return false; |
| 177 | } |
| 178 | } |
| 179 | } |
| 180 | |
| 181 | return std::all_of(value.begin(), value.end(), [](char c) { |
| 182 | return c == ' ' || c == '\t' || ('\x21' <= c && c <= '\x7e') || ('\x80' <= c && c <= '\xff'); |
| 183 | }); |
| 184 | } |