dotnet / aspnetcore

ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.

Home Page: https://asp.net

Incorrect HTTP/3 error code for malformed requests with invalid pseudo-header

AliKhalili opened this issue

Is there an existing issue for this?

  • I have searched the existing issues

Describe the bug

According to RFC 9114 (HTTP/3), we need to recognise a malformed request based on the criteria outlined in section-4.1.2 of the RFC:

A malformed request or response is one that is an otherwise valid sequence of frames but is invalid due to:

  • the presence of prohibited fields or pseudo-header fields,
  • the absence of mandatory pseudo-header fields,
  • invalid values for pseudo-header fields,
  • ...

Additionally, based on section-4.1.2-4 in the HTTP/3 RFC, we should handle malformed requests by sending an H3_MESSAGE_ERROR HTTP error code.

Malformed requests or responses that are detected MUST be treated as a stream error of type H3_MESSAGE_ERROR.

I've found a few instances where we're treating these cases as H3_GENERAL_PROTOCOL_ERROR, which isn't quite right.

One example is when there are invalid values for pseudo-header fields. For instance, if we receive an invalid :authority pseudo-header like userinfo@abs.dfe, which includes a subdomain (violating section-4.3.1-2.10.1), we should respond with an H3_MESSAGE_ERROR. However, the current implementation of Kestrel's HTTP/3 returns an H3_GENERAL_PROTOCOL_ERROR instead in this line.

Expected Behavior

No response

Steps To Reproduce

No response

Exceptions (if any)

No response

.NET Version

No response

Anything else?

No response
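
The classification the issue asks for, as an added example that is not Kestrel's code or part of the original report: a stand-alone check of a decoded request field section against the RFC 9114 malformed-request rules for non-CONNECT requests, where every violation maps to H3_MESSAGE_ERROR. The type and method names (`MalformedRequestCheck`, `Classify`, `H3Error`) are hypothetical, and the sample input is constructed from the `:authority` value quoted in the issue.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Linq;

// Error code values from RFC 9114 section 8.1.
enum H3Error { None = 0, GeneralProtocolError = 0x0101, MessageError = 0x010e }

static class MalformedRequestCheck // hypothetical name, not a Kestrel type
{
    static readonly HashSet<string> Known = new() { ":method", ":scheme", ":authority", ":path" };

    // Classifies a decoded (post-QPACK) request field section per RFC 9114 sections 4.1.2, 4.2, 4.3.1.
    public static H3Error Classify(IEnumerable<(string Name, string Value)> fields)
    {
        var pseudo = new Dictionary<string, string>();
        string? host = null;
        bool regularSeen = false;
        foreach (var (name, value) in fields)
        {
            if (name.Any(char.IsUpper)) return H3Error.MessageError; // uppercase field name
            if (!name.StartsWith(':'))
            {
                regularSeen = true;
                if (name == "host") host = value;
                continue;
            }
            // Prohibited: unknown pseudo-header, one after a regular field, or a duplicate.
            if (!Known.Contains(name) || regularSeen || !pseudo.TryAdd(name, value))
                return H3Error.MessageError;
        }
        if (pseudo.TryGetValue(":method", out var method) && method == "CONNECT")
            throw new NotSupportedException("CONNECT rules (RFC 9114 section 4.4) are not covered");
        // Mandatory pseudo-headers for every non-CONNECT request.
        if (method is null || !pseudo.ContainsKey(":scheme") || !pseudo.ContainsKey(":path"))
            return H3Error.MessageError;
        if (pseudo[":scheme"] is "http" or "https")
        {
            pseudo.TryGetValue(":authority", out var authority);
            if ((authority ?? host) is null || authority == "" || host == "") return H3Error.MessageError;
            if (authority is not null && host is not null && authority != host) return H3Error.MessageError;
            if (authority?.Contains('@') == true) return H3Error.MessageError; // deprecated userinfo
            if (pseudo[":path"] == "") return H3Error.MessageError;
        }
        return H3Error.None;
    }
    // Constructed sample: the :authority value quoted in the issue.
    static void Main() => Console.WriteLine(Classify(new[] {
        (":method", "GET"), (":scheme", "https"), (":authority", "userinfo@abs.dfe"), (":path", "/") }));
}
```

`GeneralProtocolError` is listed only to show the value the issue reports Kestrel sending; none of the malformed-request paths above return it.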