
What if it had a different case? E.g. x-uidh:

I remember for a while the only way to change the User Agent header for iOS UIWebViews was to set the user agent header in lowercase; as long as it's after the actual header, PHP will uppercase both and the later one will win (for $_SERVER at least; obviously this is PHP specific).



Yes, the fun is to figure out what they're using and exploit it. HTTP is a terrible format to parse, with lots of idiotic extra features that have no legitimate usage. But it'd be fairly easy for them to harden things, just abort if they run into anything weird.

Which may be a way around this. Run a local proxy that does stuff like use line folding, comments in headers, and other things to make their parse code abort. Of course, you then run the risk of breaking compatibility with actual HTTP servers (with good reason: those are bad features and such messages are probably an attack). And of course the ISP can always fix their code.
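A strict header check in the spirit of "abort if they run into anything weird", as an added example that is not code from the thread, from PHP, or from any ISP. It assumes the `$_SERVER`-style key normalization described in the first comment; the function names and the sample header blocks are constructed for illustration.

```python
# Added example: flag header blocks that different parsers could read differently.
# Input is the header block only (no request line). All sample data is constructed.

def normalize(name):
    """CGI-style key, the shape PHP exposes in $_SERVER (e.g. HTTP_USER_AGENT)."""
    return "HTTP_" + name.upper().replace("-", "_")

def audit_headers(raw):
    """Return a list of findings; an empty list means nothing ambiguous was seen."""
    findings = []
    seen = {}  # normalized key -> first spelling seen
    for n, line in enumerate(raw.split(b"\r\n"), 1):
        if not line:
            break  # blank line ends the header block
        if line[:1] in (b" ", b"\t"):
            findings.append(f"line {n}: folded continuation line (obs-fold)")
            continue
        name, sep, _value = line.partition(b":")
        if not sep:
            findings.append(f"line {n}: no colon in header line")
            continue
        if not name or name != name.strip():
            findings.append(f"line {n}: empty header name or whitespace around it")
            continue
        text = name.decode("latin-1")
        key = normalize(text)
        if key in seen:
            # Same key after normalization: "later one wins" vs "first one wins"
            # parsers will disagree about the value.
            findings.append(f"line {n}: {text!r} collides with {seen[key]!r} as {key}")
        else:
            seen[key] = text
    return findings

# Constructed sample: a case-variant duplicate and a folded line.
SAMPLE = (b"User-Agent: Mozilla/5.0\r\n"
          b"user-agent: custom\r\n"
          b"X-UIDH: PLACEHOLDER\r\n"
          b"X-Note: first\r\n"
          b" part two\r\n\r\n")
CLEAN = b"Host: example.com\r\nAccept: */*\r\n\r\n"

if __name__ == "__main__":
    for finding in audit_headers(SAMPLE):
        print(finding)
```

Because the normalization also maps `-` to `_`, names such as `X-UIDH` and `X_UIDH` collide under the same key and are reported the same way.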



