undocumented allow-all for forwarder-headers

2026-01-14 11:09:11 +08:00 · 2024-04-25 12:23:34 +02:00 · 2024-04-25 12:23:34 +02:00 · 5bbf373e18
commit 5bbf373e18
parent 3e042e8269
1 changed files with 1 additions and 1 deletions
--- a/gunicorn/http/message.py
+++ b/gunicorn/http/message.py
@ -146,7 +146,7 @@ class Message(object):
            # HTTP_X_FORWARDED_FOR = 2001:db8::ha:cc:ed,127.0.0.1,::1
            # Only modify after fixing *ALL* header transformations; network to wsgi env
            if "_" in name:
-                if name in forwarder_headers:
+                if name in forwarder_headers or "*" in forwarder_headers:
                    # This forwarder may override our environment
                    pass
                elif self.cfg.header_map == "dangerous":