plone / plone.recipe.zope2instance

zc.buildout recipe to setup and configure a Zope 2 instance.
https://pypi.org/project/plone.recipe.zope2instance

Deprecation warning from waitress: clear_untrusted_proxy_headers #142

Closed jugmac00 closed 4 years ago

jugmac00 commented 4 years ago

When I run my Zope app's testsuite, I get the following warning.

    /home/jugmac00/Projects/bliss_deployment/work/_/home/jugmac00/.batou-shared-eggs/waitress-1.4.3-py2.7.egg/waitress/adjustments.py:445: DeprecationWarning: In future versions of Waitress clear_untrusted_proxy_headers will be set to True by default. You may opt-out by setting this value to False, or opt-in explicitly by setting this to True.
      DeprecationWarning,

    -- Docs: https://docs.pytest.org/en/latest/warnings.html

I use plone.recipe.zope2instance so I assume there should be a setting for clear_untrusted_proxy_headers, too?

Thanks!

mauritsvanrees commented 4 years ago

From waitress 1.4.4 code:

    # Should waitress clear any proxy headers that are not deemed trusted from
    # the environ? Change to True by default in 2.x
    clear_untrusted_proxy_headers = _bool_marker

...

        if self.clear_untrusted_proxy_headers is _bool_marker:
            warnings.warn(
                "In future versions of Waitress clear_untrusted_proxy_headers will be "
                "set to True by default. You may opt-out by setting this value to "
                "False, or opt-in explicitly by setting this to True.",
                DeprecationWarning,
            )
            self.clear_untrusted_proxy_headers = False

To me it seems good to set clear_untrusted_proxy_headers = true in the [server:main] section in wsgi.ini.

Possibly make this configurable in the recipe.

BTW, the untrusted headers are mostly a few X_FORWARDED headers, but there is code in that same file to make this more dynamic.
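A check for the setting discussed above, as an added example that is not part of the thread or of plone.recipe.zope2instance: it reads a wsgi.ini and reports whether `[server:main]` sets `clear_untrusted_proxy_headers` explicitly. The function name, status labels and sample files are assumptions made for this example; the truthy strings follow waitress's boolean parsing.

```python
import configparser

# Strings waitress accepts as "true" for boolean settings (case-insensitive).
TRUTHY = frozenset(("t", "true", "y", "yes", "on", "1"))


def audit_wsgi_ini(text):
    """Classify how [server:main] handles clear_untrusted_proxy_headers.

    Returns (status, detail); status is "missing", "implicit", "disabled" or "enabled".
    """
    # interpolation=None: PasteDeploy files use %(here)s and logging format strings.
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    if not parser.has_section("server:main"):
        return ("missing", "no [server:main] section")
    server = parser["server:main"]
    raw = server.get("clear_untrusted_proxy_headers")
    if raw is None:
        # The case from the issue: nothing set, so waitress picks the default itself.
        return ("implicit", "not set: waitress 1.4.x warns and falls back to False")
    if raw.strip().lower() in TRUTHY:
        return ("enabled", "proxy headers that are not trusted are cleared")
    proxy = server.get("trusted_proxy", "").strip()
    scope = "behind trusted_proxy " + proxy if proxy else "with no trusted_proxy"
    return ("disabled", "explicit opt-out " + scope
            + ": untrusted proxy headers are passed through to the app")


# Constructed sample files (not taken from the recipe's generated output).
IMPLICIT = """
[server:main]
use = egg:waitress#main
listen = 127.0.0.1:8080
"""

ENABLED = IMPLICIT + "trusted_proxy = 127.0.0.1\nclear_untrusted_proxy_headers = true\n"
DISABLED = IMPLICIT + "clear_untrusted_proxy_headers = False\n"

if __name__ == "__main__":
    for name, sample in (("implicit", IMPLICIT), ("enabled", ENABLED), ("disabled", DISABLED)):
        print(name, audit_wsgi_ini(sample))
```

The "implicit" result corresponds to the configuration that triggers the DeprecationWarning reported in this issue.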

mauritsvanrees commented 4 years ago

Fixed with PR #154.