This repository has been archived by the owner on Dec 18, 2018. It is now read-only.

Response header should accept null values #429

Closed
tenor opened this issue Nov 27, 2015 · 4 comments

@tenor
Contributor

tenor commented Nov 27, 2015

On rc1-final, Kestrel returns a 502 (Bad Gateway) if a null value is passed into a response header.

        // GET: api/values
        [HttpGet]
        public IEnumerable<string> Get()
        {
            Response.Headers.Add("Hello", new string[] { null });
            return new string[] { "value1", "value2" };
        }

The action method above will trigger that response.
Null values in headers should be allowed. The server will then output an empty string header value in the HTTP response stream.

@Tratcher
Member

Please don't list multiple issues in a single bug.

2 and 3 have nothing to do with Kestrel and should be discussed over here: https://github.com/aspnet/httpabstractions/

@tenor
Contributor Author

tenor commented Nov 27, 2015

Point taken.

I've created issues HttpAbstraction 489 and HttpAbstraction 490 and edited the bug report.

@davidfowl davidfowl reopened this Nov 27, 2015
@muratg
Contributor

muratg commented Dec 3, 2015

@Tratcher is null in headers valid per the RFC? If so this looks like a bug.

@Tratcher
Member

Tratcher commented Dec 3, 2015

Assigning meaning to null is highly discouraged. If you really want to send any empty header, why not use string.Empty instead of null?

HTTP technically allows empty headers (https://tools.ietf.org/html/rfc7230#section-3.2), but sending such is semantically meaningless for all currently defined headers. Clients and proxies will most likely discard the empty header so basing any application logic on the presence or absence of an empty header is very fragile, don't do it.

That said, null and string.Empty should not crash Kestrel. I recommend it ignore null values and allow empty values, but do whatever is simplest to implement.
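
As an added illustration of the policy recommended in the last comment (ignore null values, allow empty ones), here is a stand-alone C# model of a response header writer; it is not Kestrel's code and not part of the thread. The names `HeaderBlockWriter`, `Write`, `X-Empty` and `X-Mixed` are hypothetical, and a plain `IDictionary<string, string[]>` is assumed in place of the framework's header collection.

```csharp
using System;
using System.Collections.Generic;
using System.Text;

// Hypothetical helper, not a Kestrel or ASP.NET type.
static class HeaderBlockWriter
{
    // Serialises headers with the policy from the thread:
    // null values are skipped, empty values are written as "Name: ".
    public static string Write(IDictionary<string, string[]> headers)
    {
        var sb = new StringBuilder();
        foreach (var pair in headers)
        {
            // A null array is treated like an array holding no values.
            foreach (var value in pair.Value ?? new string[0])
            {
                if (value == null)
                {
                    continue; // ignore null instead of failing the response
                }
                // RFC 7230 section 3.2 permits an empty field-value.
                sb.Append(pair.Key).Append(": ").Append(value).Append("\r\n");
            }
        }
        // A blank line terminates the header block.
        return sb.Append("\r\n").ToString();
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample input; "Hello" is the case from the report.
        var headers = new Dictionary<string, string[]>
        {
            { "Hello", new string[] { null } },
            { "X-Empty", new[] { string.Empty } },
            { "X-Mixed", new[] { "a", null, "b" } },
        };
        // Show CRLF visibly so the empty header line is easy to spot.
        Console.Write(HeaderBlockWriter.Write(headers).Replace("\r\n", "\\r\\n\n"));
    }
}
```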
