diff --git a/core/src/main/java/io/undertow/server/Connectors.java b/core/src/main/java/io/undertow/server/Connectors.java
index 9939ce2097..4dcddb9ea2 100644
--- a/core/src/main/java/io/undertow/server/Connectors.java
+++ b/core/src/main/java/io/undertow/server/Connectors.java
@@ -664,11 +664,19 @@ public static void verifyToken(HttpString header) {
      * Returns true if the token character is valid according to rfc7230
      */
     public static boolean isValidTokenCharacter(byte c) {
-        return ALLOWED_TOKEN_CHARACTERS[c];
+        if (c < 0 || c > ALLOWED_TOKEN_CHARACTERS.length - 1) {
+            return false;
+        } else {
+            return ALLOWED_TOKEN_CHARACTERS[c];
+        }
     }
 
     public static boolean isValidSchemeCharacter(byte c) {
-        return ALLOWED_SCHEME_CHARACTERS[c];
+        if (c < 0 || c > ALLOWED_SCHEME_CHARACTERS.length - 1) {
+            return false;
+        } else {
+            return ALLOWED_SCHEME_CHARACTERS[c];
+        }
     }