From f04b5bedad7b281bee9814686bba1762bae092eb Mon Sep 17 00:00:00 2001
From: bashonly <bashonly@bashonly.com>
Date: Wed, 16 Aug 2023 18:42:48 -0500
Subject: [ie] Do not smuggle `http_headers`

See: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x

Authored by: coletdjnz
---
 yt_dlp/utils/networking.py | 1 +
 1 file changed, 1 insertion(+)

(limited to 'yt_dlp/utils/networking.py')

diff --git a/yt_dlp/utils/networking.py b/yt_dlp/utils/networking.py
index ba0493cc2..ed0250011 100644
--- a/yt_dlp/utils/networking.py
+++ b/yt_dlp/utils/networking.py
@@ -123,6 +123,7 @@ def clean_headers(headers: HTTPHeaderDict):
     if 'Youtubedl-No-Compression' in headers:  # compat
         del headers['Youtubedl-No-Compression']
         headers['Accept-Encoding'] = 'identity'
+    headers.pop('Ytdl-socks-proxy', None)
 
 
 def remove_dot_segments(path):
-- 
cgit v1.2.3