Perhaps, I should have started with the use case. Yes, our module is sensitive to the space in the headers. Our module implements security policies. One of the things we look at is headers and their values. How they compare when a normal browser sends them vs when sent using a script Etc. We rely on these sort anomalies to tease out the good from the bad. Not able extract the exact string that was sent by the client reduces our effectiveness. Hope you now understand the motivation behind my question. Thanks.