// Disallow: / but Allow: /$ (only root), Allow: /index.html$, Allow: /public/
        assertFalse(robotsTxt.allows("/about", "ComplexBot"));
        assertTrue(robotsTxt.allows("/", "ComplexBot")); // Allow: /$
        assertTrue(robotsTxt.allows("/index.html", "ComplexBot")); // Allow: /index.html$
        assertFalse(robotsTxt.allows("/index.html?page=1", "ComplexBot")); // $ means exact end

         * 2. If both Allow and Disallow patterns match with the same length, Allow takes precedence
         * 3. If no pattern matches, the path is allowed by default
         *
         * @param path the path to check
         * @return true if the path is allowed, false otherwise
         */
        public boolean allows(final String path) {
            PathPattern longestAllowMatch = null;

			asRoot: false,

			policy: `{"Effect": "Allow",
				"Action": ["kms:CreateKey"] }`,

			wantStatusCode: http.StatusOK,
		},
		{
			name:   "create key as user set policy to allow want success",
			method: http.MethodPost,
			path:   kmsKeyCreatePath,
			query:  map[string]string{"key-id": "second-new-test-key"},
			asRoot: false,

			policy: `{"Effect": "Allow",
				"Action": ["kms:CreateKey"],

 * <li>Disallow and Allow directives with pattern matching</li>
 * <li>Wildcard (*) in paths - matches any sequence of characters</li>
 * <li>End-of-path ($) matching - matches the end of URL path</li>
 * <li>Crawl-delay directive</li>
 * <li>Sitemap directive</li>
 * <li>Comment support (#)</li>
 * <li>Priority-based matching (longest match wins, Allow beats Disallow at equal length)</li>
 * </ul>
 *

    @BeforeEach
    void setUp() {
        ace = new ACE();
    }

    @Test
    @DisplayName("Test decode with allow ACE")
    void testDecodeAllowACE() throws Exception {
        // Prepare test data - Allow ACE
        testBuffer = new byte[100];
        testBuffer[0] = 0x00; // Allow ACE
        testBuffer[1] = 0x03; // FLAGS_OBJECT_INHERIT | FLAGS_CONTAINER_INHERIT
        testBuffer[2] = 0x20; // Size low byte (32)

///

### Enable Proxy Forwarded Headers { #enable-proxy-forwarded-headers }

You can start FastAPI CLI with the *CLI Option* `--forwarded-allow-ips` and pass the IP addresses that should be trusted to read those forwarded headers.

If you set it to `--forwarded-allow-ips="*"` it would trust all the incoming IPs.

### Ativar headers encaminhados pelo proxy { #enable-proxy-forwarded-headers }

Você pode iniciar a CLI do FastAPI com a opção de linha de comando `--forwarded-allow-ips` e informar os endereços IP que devem ser confiáveis para ler esses headers encaminhados.

Se você definir como `--forwarded-allow-ips="*"`, ele confiará em todos os IPs de entrada.

///

### Включить пересылаемые заголовки прокси { #enable-proxy-forwarded-headers }

Вы можете запустить FastAPI CLI с опцией командной строки `--forwarded-allow-ips` и передать IP‑адреса, которым следует доверять при чтении этих пересылаемых заголовков.

Если указать `--forwarded-allow-ips="*"`, приложение будет доверять всем входящим IP.

///

### Habilitar headers reenviados por el Proxy { #enable-proxy-forwarded-headers }

Puedes iniciar FastAPI CLI con la *Opción de CLI* `--forwarded-allow-ips` y pasar las direcciones IP que deberían ser confiables para leer esos headers reenviados.

Si lo estableces a `--forwarded-allow-ips="*"`, confiaría en todas las IPs entrantes.

  /** The HTTP {@code Access-Control-Allow-Headers} header field name. */
  public static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";

  /** The HTTP {@code Access-Control-Allow-Methods} header field name. */
  public static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";

  /** The HTTP {@code Access-Control-Allow-Origin} header field name. */