diff --git a/package.json b/package.json
index 787eff60..d041f128 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "llhttp",
-  "version": "2.1.3",
+  "version": "2.1.4",
   "description": "HTTP parser in LLVM IR",
   "main": "lib/llhttp.js",
   "types": "lib/llhttp.d.ts",
diff --git a/src/llhttp/http.ts b/src/llhttp/http.ts
index 092a8e04..55ccaca0 100644
--- a/src/llhttp/http.ts
+++ b/src/llhttp/http.ts
@@ -45,6 +45,7 @@ const NODES: ReadonlyArray<string> = [
   'header_field_start',
   'header_field',
   'header_field_colon',
+  'header_field_colon_discard_ws',
   'header_field_general',
   'header_field_general_otherwise',
   'header_value_discard_ws',
@@ -361,13 +362,31 @@ export class HTTP {
       .select(SPECIAL_HEADERS, this.store('header_state', 'header_field_colon'))
       .otherwise(this.resetHeaderState('header_field_general'));
 
+    const onInvalidHeaderFieldChar =
+      p.error(ERROR.INVALID_HEADER_TOKEN, 'Invalid header field char');
+
+    const checkLenientFlagsOnColon = this.testFlags(FLAGS.LENIENT, {
+      1: n('header_field_colon_discard_ws'),
+    }, span.headerField.end().skipTo(onInvalidHeaderFieldChar));
+
     n('header_field_colon')
-      .match(' ', n('header_field_colon'))
+      // https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.4
+      // Whitespace character is not allowed between the header field-name
+      // and colon. If the next token matches whitespace then throw an error.
+      //
+      // Add a check for the lenient flag. If the lenient flag is set, the
+      // whitespace token is allowed to support legacy code not following
+      // http specs.
+      .peek(' ', checkLenientFlagsOnColon)
       .peek(':', span.headerField.end().skipTo(n('header_value_discard_ws')))
       // Fallback to general header, there're additional characters:
       // `Connection-Duration` instead of `Connection` and so on.
       .otherwise(this.resetHeaderState('header_field_general'));
 
+    n('header_field_colon_discard_ws')
+       .match(' ', n('header_field_colon_discard_ws'))
+       .otherwise(n('header_field_colon'));
+
     n('header_field_general')
       .match(this.TOKEN, n('header_field_general'))
       .otherwise(n('header_field_general_otherwise'));