OkHttp HPACK tests
==================

These tests use the [hpack-test-case][1] project to validate OkHttp's HPACK
implementation.  The HPACK test cases are in a separate git submodule, so to
initialize them, you must run:

    git submodule init
    git submodule update

TODO
----

 * Add maven goal to avoid manual call to git submodule init.
 * Make hpack-test-case update itself from git, and run new tests.

    fileSystem.read(file) {
      return readStory(this)
    }
  }

  /** Iterate through the hpack-test-case resources, only picking stories for the current draft.  */
  fun storiesForCurrentDraft(): Array<String> {
    val resource =
      HpackJsonUtil::class.java.getResource("/hpack-test-case")
        ?: return arrayOf()

    val testCaseDirectory = File(resource.toURI()).toOkioPath()

apiVersion: apps/v1
kind: Deployment
metadata:
  creationTimestamp: null
  name: hello
spec:
  replicas: 7
  selector:
    matchLabels:
      app: hello
      tier: backend
      track: stable
  strategy: {}
  template:
    metadata:
      annotations:
        prometheus.io/path: /stats/prometheus
        prometheus.io/port: "15020"
        prometheus.io/scrape: "true"

    # Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

// The next step is to copy (using pkg/conversion) into the internal struct. The runtime
// package's DefaultScheme has conversion functions installed which will unpack the
// JSON stored in RawExtension, turning it into the correct object type, and storing it
// in the Object. (TODO: In the case where the object is of an unknown type, a
// runtime.Unknown object will be created and stored.)
//

   it throws an `InterruptedIOException`.

## Version 1.5.2

_2014-03-17_

 * Fix bug where deleting a file that was absent from the `HttpResponseCache`
   caused an IOException.
 * Fix bug in HTTP/2 where our HPACK decoder wasn't emitting entries in
   certain eviction scenarios, leading to dropped response headers.

## Version 1.5.1

_2014-03-11_

 * Fix 1.5.0 regression where connections should not have been recycled.

  // otherwise identical (parallel requests, requests when earlier requests did not modify etc)
  // The UID is meant to track the round trip (request/response) between the KAS and the WebHook, not the user request.
  // It is suitable for correlating log entries between the webhook and apiserver, for either auditing or debugging.
  optional string uid = 1;

functions](https://www.tensorflow.org/guide/create_op#define_the_op_interface)
are skipped, and any checks implemented inside the shape inference code are not
executed.

The security impact of skipping those checks should be low, since the attack
scenario would require a malicious user to be able to control the model which as
stated above is already equivalent to code execution. In any case, the
recommendation is not to serve models using Eager mode since it also has

            call.executeAsync()
          }
        }
      }

      assertThat(call.canceled).isTrue()
      assertThat(call.responseClosed).isTrue()
    }
  }

  /** A call that keeps track of whether its response body is closed. */
  private class ClosableCall : FailingCall() {
    private val response =
      Response.Builder()
        .request(Request("https://example.com/".toHttpUrl()))

We highly recommend you keep OkHttp up-to-date. As with auto-updating web browsers, staying current
with HTTPS clients is an important defense against potential security problems. [We
track][tls_history] the dynamic TLS ecosystem and adjust OkHttp to improve connectivity and
security.

OkHttp uses your platform's built-in TLS implementation. On Java platforms OkHttp also supports