FWIW, I think that from a security and software quality perspective, explicitly defining
which headers you want to feed to the API is the much better approach anyway.
-- Alex
--
Principal, Evariste Systems LLC (
www.evaristesys.com)
Sent from my Google Nexus.