Forwarded header support for Morepath
more.forwarded: Forwarded header support for Morepath
Note: Only use this if you know you are behind a trusted proxy that indeed sets the Forwarded header, otherwise you expose your server to potential attacks.
- Morepath 0.14 introduces a HOST_HEADER_PROTECTION tween that we should be used over. This stops the forwarded header from injecting incorrect Host headers.
- Make tests work with Morepath 0.14 and later.
- Initial public release.