Prevent http header injection by rejecting control characters in
http.client.putrequest(...).