First, we should not let user shoot themselves in the foot. But most
importantly, we need to validate the string as it is marked as a safe
option (especially CRLF there could be disastrous).
(cherry picked from commit 2656ae56c83d87634ba5a137f118c04570ec8052)

Conflicts:

	modules/access/http.c