From 5bbf373e181e11270e09db6987980c02931b7ae5 Mon Sep 17 00:00:00 2001
From: "Paul J. Dorn" <pajod@users.noreply.github.com>
Date: Thu, 25 Apr 2024 12:23:34 +0200
Subject: [PATCH] undocumented allow-all for forwarder-headers

---
 gunicorn/http/message.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/gunicorn/http/message.py b/gunicorn/http/message.py
index d65aebe5c..1f2875abe 100644
--- a/gunicorn/http/message.py
+++ b/gunicorn/http/message.py
@@ -146,7 +146,7 @@ def parse_headers(self, data, from_trailer=False):
             # HTTP_X_FORWARDED_FOR = 2001:db8::ha:cc:ed,127.0.0.1,::1
             # Only modify after fixing *ALL* header transformations; network to wsgi env
             if "_" in name:
-                if name in forwarder_headers:
+                if name in forwarder_headers or "*" in forwarder_headers:
                     # This forwarder may override our environment
                     pass
                 elif self.cfg.header_map == "dangerous":