Implement security validation to prevent HTTP header injection attacks:
- Reject header values containing \r or \n characters
- Add comprehensive test coverage for CRLF protection
- Replace multiline YAML test with proper rejection test
Security improvements:
- Validates header values to prevent header injection
- Clear warning messages when values are rejected
- Four new test cases covering LF, CR, CRLF, and multiline scenarios
This addresses a critical security concern where malicious headers
could be injected via newline characters in header values.
All 84 tests passing.
15ae50ae2f