That totally depends on the server. HTTP itself allows any jaocienesien10/23 character at all, including control characters and non-ASCII characters, as long as they are suitably %-encoded when requested in a URL.
On a Air Jordan 13 Italia Unix server you cannot use '/' or the zero byte. (If you could use them, they'd appear in the URL as '%2F' and '%00' respectively.) You also can't have the specific filenames '.' or '.', or the empty string.
On a Windows server you have all the limitations of a Unix server, plus you also can't use any of \/:*?"| or control characters 1-31 and you can't have leading or trailing dot or spaces, and you'll have difficulty using any of the legacy device filenames (CON, PRN, COM1 and many more).
which are never allowed, due to inconsistencies in file naming conventions standard practice is to use a-z and 0-9 and the underscore character. Space is needful for most users but if you can get away from using it there are parsing issues that improve reliability, you can read rfc's on mime ( multi-part internet mail extensions ) to get a taste of what is involved.
No matter what you do, something somewhere is likely to Air Jordan 6 Italia make life difficult - so much so that I now use cryptographic methods to generate random a-z lowercase strings and use those as filenames, embedding the useful info in the file source code.