hyperium
Don't stop parsing after invalid elements in `Access-Control-Allow-Headers`
This behaviour matches other CORS headers like Access-Control-Allow-Headers and fixes a parsing bug.
As per https://httpwg.org/specs/rfc9110.html#abnf.extension, empty elements in the header are allowed, but previously AccessControlAllowHeaders::iter would incorrectly finish the returned iterator early due to take_while being used.
Technically, invalid elements in the header should cause an error, but this is not possible with the current interface (which parses the header incrementally as the iterator is advanced) and there's an argument to be made that relaxed parsing is fine too.
For context, this bug causes a WPT failure for servo in cors/request-headers.htm (See wpt.fyi). The test attempts to use ,y-lol,x-PriNT, ,,,Y-PRINT as a value for Access-Control-Allow-Headers (whose ABNF is #field-name ^1).
I'm not sure what the process for requesting a new release for this crate is, but it would be nice to have a new patch release when this is merged.