fix: reject @ character in header names

[mmustafasenoglu]

Summary

Remove the exception that allowed '@' character in header names.

Changes

• Removed the special case that allowed '@' in header names
• Updated the comment to reference RFC 9110 Section 5.1

Why

RFC 9110 Section 5.1 states that header field names must consist only of tchar characters:

tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*"
      / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~"
      / DIGIT / ALPHA

'@' is not in this list, so header names containing '@' should be rejected with a 400 response.

The previous fix for INKqa09141 incorrectly allowed '@' in header names.

Fixes #12082

[mmustafasenoglu]

Hello! This is my first contribution to Apache Traffic Server. Could you please trigger CI for this bug fix PR? Thank you!

[JosiahWI]

@mmustafasenoglu This is a bug fix from a standards point of view, but anyone relying on the @ character in internal headers could perceive this as a breaking change. Would you like to label it with Bug, Incompatible, or both? I expect it to be discussed by the community within a week, but I'm interested in your opinion on it.

[mmustafasenoglu]

Hi @JosiahWI, thanks for asking! I think both labels make sense here. While this is a bug fix for RFC 9110 compliance, the character could indeed be used in internal headers, so marking it as Incompatible is appropriate. I've added both Bug and Incompatible labels. Thanks!

[bneradt]

[approve ci]

[mmustafasenoglu]

Hi, following up on this bug fix PR. It fixes the @ character validation in header names per RFC 9110. Would appreciate a review. Thank you!