I'm getting a 400 Bad Request response from my WAF/CDN, with the reason for failure being given as ERR_HRS_SPACE_IN_HDR_NAME. What is causing this and how can I avoid it?
The HRS in the error reason stands for "HTTP Request Smuggling", which is a way of interfering with the sequences of HTTP requests that are received from one or more users by a web server. Whitespace in a header name matters here because the servers along the request path may not all parse such a header the same way, so the WAF rejects the request outright. It's likely you have some unnecessary whitespace in your request headers, probably before the colon (e.g. "Accept : application/json" rather than "Accept: application/json") or preceding the header name (e.g. "[space]Transfer-Encoding: chunked").
Checking your headers and removing the offending whitespace should prevent this issue.
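One way to check a request before it reaches the WAF is to lint the raw header block, as in the added example below (not code from the WAF/CDN vendor). It assumes header names must match the RFC 7230 token grammar; the function name and the sample request are constructed for illustration, and the WAF's exact rule is not documented here.

```python
import re

# RFC 7230 "token": the only characters allowed in a header field name.
# Assumption: the WAF's own rule is at least this strict.
TOKEN = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def find_bad_header_names(raw_request: bytes):
    """Return (line_number, raw_line, reason) for every header line whose
    name carries whitespace or is otherwise not a valid token."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]  # drop the body
    lines = head.split(b"\r\n")
    findings = []
    # lines[0] is the request line, so the first header is line 2.
    for number, line in enumerate(lines[1:], start=2):
        if not line:
            continue
        if line[:1] in (b" ", b"\t"):
            findings.append((number, line, "whitespace before header name"))
            continue
        name, sep, _value = line.partition(b":")
        if not sep:
            findings.append((number, line, "no colon in header line"))
        elif name != name.rstrip(b" \t"):
            findings.append((number, line, "whitespace before colon"))
        elif not TOKEN.fullmatch(name):
            findings.append((number, line, "invalid character in header name"))
    return findings


# Constructed sample request containing both mistakes described above.
SAMPLE = (
    b"POST /api/items HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Accept : application/json\r\n"
    b" Transfer-Encoding: chunked\r\n"
    b"Content-Type: application/json\r\n"
    b"\r\n"
    b"{}"
)

if __name__ == "__main__":
    for number, line, reason in find_bad_header_names(SAMPLE):
        print(f"line {number}: {reason}: {line!r}")
```

Capture the request exactly as your client sends it (for example from a debug log or a local proxy), since HTTP libraries sometimes normalise headers that were built by hand as strings.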