Hey hey
thanks alot for this library!

i'd be interested if you'd be willing to accept a PR which does some kind of validation for values which are passed as part of the request header.
in my view this data should be considered unsafe, and applying some validation on it mostly beneficial.
if so, would you prefer a version where a regexp can be passed, or rather a generic validator function which leaves it open to the developer to return true/false if it's a valid id (and thus also leaving ppl open the possibility to log some lines in that case?)
thanks!
cheers
Jan