diff --git a/doc/configuration.txt b/doc/configuration.txt
index 2585c8505..ca82a7795 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -9962,7 +9962,7 @@ no option accept-unsafe-violations-in-http-request
 When this option is set, the following rules are observed:
 * In H1 only, invalid characters, including NULL character, in header name
- will be accepted;
+ will not be rejected; however the header will be dropped.
 * In H1 only, NULL character in header value will be accepted;
@@ -10028,7 +10028,7 @@ no option accept-unsafe-violations-in-http-response
 When this option is set, the following rules are observed:
 * In H1 only, invalid characters, including NULL character, in header name
- will be accepted;
+ will not be rejected; however the header will be dropped.
 * In H1 only, NULL character in header value will be accepted;
diff --git a/src/h1.c b/src/h1.c
index 4ea759191..e1df21a50 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -952,6 +952,20 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
 goto http_output_full;
 }
+ /* Skip headers whose names contain forbidden
+ * chars. When any is detected, h1m->err_pos >= 0,
+ * so we recheck the name only when an error was
+ * detected.
+ */
+ if (unlikely(h1m->err_pos >= 0)) {
+ size_t i = 0;
+ while (i < n.len && HTTP_IS_TOKEN(n.ptr[i]))
+ i++;
+
+ if (i < n.len)
+ break;
+ }
+
 if (isteqi(n, ist("transfer-encoding"))) {
 ret = h1_parse_xfer_enc_header(h1m, v);
 if (ret < 0) {
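Review bot: The recheck in the `if (unlikely(h1m->err_pos >= 0))` block of the src/h1.c hunk discards the header with a bare `break`, and nothing in the added lines records that a header was dropped, so with the accept-unsafe options enabled a malformed name disappears without a trace on this path. The construct that `break` leaves starts and ends outside the hunk, so the comment should say so and state the intent, for example `/* invalid name: skip this header entirely, before any of the special-header handling below */`. If a counter or debug trace is available at this point, updating it before the `break` would let operators see when the tolerance is actually exercised. A zero-length name also passes the recheck, since `i < n.len` is false when `n.len` is 0; that is only safe if empty names are rejected earlier in the parser, which is not visible here.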