HTAB is incorrectly rejected within the OWS in header fields

[kenballus]

Environment

Debian 12, Linux 6.10.2
Nginx built from source at 00637cc.

Description

From RFC 9112:

field-line = field-name ":" OWS field-value OWS

From RFC 9110:

OWS = *( SP / HTAB )

The RFCs require that HTTP headers allow both spaces and tabs in the optional whitespace before a header value.

Nginx allows only spaces in this context, and incorrectly disallows tabs.

Steps to reproduce

0. Set up Nginx. I'll be using the container specified here, but this bug is independent of config, so feel free to use whatever configuration you want.
1. Send a request that uses a tab in the whitespace in the Host header.

printf 'GET / HTTP/1.1\r\nHost:\twhatever\r\n\r\n' | nc localhost 80

2. Observe that you get a 400.

HTTP/1.1 400 Bad Request
Server: nginx/1.27.2
Date: Sun, 15 Sep 2024 00:09:24 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.27.2</center>
</body>
</html>

3. Change the tab to a space, then resend the request:

printf 'GET / HTTP/1.1\r\nHost: whatever\r\n\r\n' | nc localhost 80

4. Observe that you get the expected response:

HTTP/1.1 200 OK
Server: nginx/1.27.2
Date: Sun, 15 Sep 2024 00:32:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

9d
{"headers":[["SG9zdA==","d2hhdGV2ZXI="],["Q29udGVudC1MZW5ndGg=",""],["Q29udGVudC1UeXBl",""]],"body":"","method":"R0VU","uri":"Lw==","version":"SFRUUC8xLjE="}
0

These two requests are equivalent per the RFCs, and should therefore get the same response.