From f6238c2fc39e1b55ecb7e6a837d7533b6b51d6e8 Mon Sep 17 00:00:00 2001
From: Yan Naing Tun <yannaingtun2007@gmail.com>
Date: Tue, 4 Mar 2025 12:49:10 +0800
Subject: [PATCH] Update srs_protocol_http_stack.cpp

---
 trunk/src/protocol/srs_protocol_http_stack.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/trunk/src/protocol/srs_protocol_http_stack.cpp b/trunk/src/protocol/srs_protocol_http_stack.cpp
index 0c09f572c..876016c0a 100644
--- a/trunk/src/protocol/srs_protocol_http_stack.cpp
+++ b/trunk/src/protocol/srs_protocol_http_stack.cpp
@@ -2861,8 +2861,14 @@ reexecute:
           ch = *p;
           c = TOKEN(ch);
 
-          if (!c)
-            break;
+        if (!c) {
+	     // Add this fix to explicitly reject space in header field names
+	     if (ch == ' ') {
+	        SET_ERRNO(HPE_INVALID_HEADER_TOKEN);
+	        goto error;
+	     }
+	     break;
+	}
 
           switch (parser->header_state) {
             case h_general: {