If you use nginx to sanitize the HTTP_HOST and SERVER_NAME fields, you are doing the right thing and do not need to worry about Host header poisining.
Like Django, Pyramid considers a large part of this the task of the WSGI host environment. And nginx does an excellent, battle-hardened job of sanitizing the HTTP request information.