Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Prevent header spoofing via underscore/dash conflation. #80
This PR prevents the WSGI header attack as documented here (by dropped headers containing underscores from the request)
Note that I'm not convinced that waitress is actually vulnerable here: we don't rely on
I don't think it would hurt to apply this sanitization.