headers: Ensure untrusted header values are UTF-8
Our API uses char *
for all headers throughout.
This means that GObject-Introspection assumes it it is valid UTF-8, so languages assume it is valid UTF-8.
Applications using the C API assume it is valid UTF-8.
Passing along unverified bytes is unsafe and will cause issues.
Adding UTF-8 variants for the entire API is unreasonable to me, not only does that mean opting into safe behavior but it creates a mess.
Changing the API to uint8*
creates a different mess and still makes it easy for C applications to use it incorrectly.
Edited by Patrick Griffis