src/headers.ts
const forbiddenHeaders: ReadonlySet<string> = new Set([
'accept-charset',
'accept-encoding',
'access-control-request-headers',
'access-control-request-method',
'connection',
'content-length',
'cookie',
'cookie2',
'date',
'dnt',
'expect',
'host',
'keep-alive',
'origin',
'referer',
'te',
'trailer',
'transfer-encoding',
'upgrade',
'via',
]);
export const isForbidden = (headerName: string) =>
forbiddenHeaders.has(headerName.toLowerCase());