What's going on with uwsgi_params? #505

@Forty-Bot

So what's up with these uwsgi_params:

location / {
    include                       uwsgi_params;
    uwsgi_pass                    unix:/tmp/uwsgi.sock;
    uwsgi_param Host              $host;
    uwsgi_param X-Real-IP         $remote_addr;
    uwsgi_param X-Forwarded-For   $proxy_add_x_forwarded_for;
    uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
}

It looks like they're trying to prevent spoofing some headers that are normally handled by the server. But

  • All client headers have HTTP_ prefixed to them. So it's impossible to spoof e.g. REMOTE_ADDR since it would turn into HTTP_REMOTE_ADDR.
  • Conversely, the UWSGI params aren't even overriding the right HTTP headers. If the client sets X-Real-IP, it will turn into the HTTP_X_REAL_IP uwsgi_param, not X-Real-IP.

These all seem useless, and b773081 doesn't give any justification.
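
The name mapping discussed in the issue, as an added example that is not part of the original post or the project's code. It is a simplified model of how nginx names the variables it passes to uWSGI; the sample addresses, the `Remote-Addr` header and the function names are constructed for illustration.

```python
# Simplified model (an assumption, not nginx or uWSGI source) of the variables
# nginx passes to uWSGI for the location block quoted in the issue.

def header_vars(client_headers):
    """Client request headers arrive as HTTP_<NAME>: uppercased, '-' -> '_'."""
    return {"HTTP_" + k.upper().replace("-", "_"): v
            for k, v in client_headers.items()}


def param_vars(client_headers, remote_addr, host):
    """Variables set by uwsgi_param; each name is passed through literally."""
    lower = {k.lower(): v for k, v in client_headers.items()}
    xff = lower.get("x-forwarded-for")
    return {
        # Representative entry from the stock uwsgi_params include.
        "REMOTE_ADDR": remote_addr,
        # The four explicit uwsgi_param lines from the issue.
        "Host": host,
        "X-Real-IP": remote_addr,
        # $proxy_add_x_forwarded_for: client value with $remote_addr appended.
        "X-Forwarded-For": f"{xff}, {remote_addr}" if xff else remote_addr,
        # $http_x_forwarded_proto: the client's own header value.
        "X-Forwarded-Proto": lower.get("x-forwarded-proto", ""),
    }


def build_environ(client_headers, remote_addr, host):
    """Merge both sources and report any names that collide."""
    params = param_vars(client_headers, remote_addr, host)
    headers = header_vars(client_headers)
    collisions = sorted(params.keys() & headers.keys())
    return {**params, **headers}, collisions


# Constructed request: the client supplies its own forwarding headers.
SAMPLE_HEADERS = {
    "Host": "example.test",
    "Remote-Addr": "203.0.113.7",
    "X-Real-IP": "203.0.113.7",
    "X-Forwarded-For": "203.0.113.7",
    "X-Forwarded-Proto": "https",
}
ENV, COLLISIONS = build_environ(SAMPLE_HEADERS, "198.51.100.20", "example.test")

if __name__ == "__main__":
    for key in sorted(ENV):
        print(f"{key:24} {ENV[key]}")
    print("colliding names:", COLLISIONS)
```

In this model no `uwsgi_param` name collides with a header-derived name, so an application reading `HTTP_X_REAL_IP` or `HTTP_X_FORWARDED_FOR` still receives whatever the client sent.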
