diff --git a/src/h3.c b/src/h3.c
index a66a48a44..c99619b72 100644
--- a/src/h3.c
+++ b/src/h3.c
@@ -752,6 +752,18 @@ static ssize_t h3_headers_to_htx(struct qcs *qcs, const struct buffer *buf,
 goto out;
 }

+ /* Ensure that final URI does not contains LWS nor CTL characters. */
+ for (i = 0; i < path.len; i++) {
+ unsigned char c = istptr(path)[i];
+ if (HTTP_IS_LWS(c) || HTTP_IS_CTL(c)) {
+ TRACE_ERROR("invalid character in path", H3_EV_RX_FRAME|H3_EV_RX_HDR, qcs->qcc->conn, qcs);
+ h3s->err = H3_ERR_MESSAGE_ERROR;
+ qcc_report_glitch(h3c->qcc, 1);
+ len = -1;
+ goto out;
+ }
+ }
+
 sl = htx_add_stline(htx, HTX_BLK_REQ_SL, flags, meth, path, ist("HTTP/3.0"));
 if (!sl) {
 len = -1;
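Review bot: The added loop validates only `path`, yet `meth` is written into the same start line by the `htx_add_stline()` call directly below it; whether `meth` is checked for LWS/CTL bytes earlier in `h3_headers_to_htx()` cannot be seen from this hunk (the function starts and ends outside it), so that is worth confirming before relying on this check alone. The comment would help the next reader more if it gave the reason, for example `/* Reject LWS and CTL bytes in the path: they are not valid in a request target and must not reach the start line. */`. `i` is declared outside the hunk; if it is a signed type, `i < path.len` is presumably a signed/unsigned comparison, and a `size_t` index would be cleaner.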