Compliance

RFC 9110/9112 Compliance

These tests validate that HTTP/1.1 servers correctly implement the protocol requirements defined in RFC 9110 (HTTP Semantics) and RFC 9112 (HTTP/1.1 Message Syntax and Routing).

Each test sends a request that violates a specific MUST or MUST NOT requirement from the RFCs. A compliant server should reject these with a 400 Bad Request (or close the connection). Accepting the request silently means the server is non-compliant and potentially vulnerable to downstream attacks.