- Added `WithOrigin` within `apis/core/validation` with adjusted tests. ([#132825](https://github.com/kubernetes/kubernetes/pull/132825), [@PatrickLaabs](https://github.com/PatrickLaabs))
- Added scoring for the prioritized list feature so nodes that best satisfy the highest-ranked subrequests were chosen. ([#134711](https://github.com/kubernetes/kubernetes/pull/134711), [@mortent](https://github.com/mortent)) [SIG Node, Scheduling and Testing]

                A description of the API. Supports Markdown (using
                [CommonMark syntax](https://commonmark.org/)).

                It will be added to the generated OpenAPI (e.g. visible at `/docs`).

                Read more in the
                [FastAPI docs for Metadata and Docs URLs](https://fastapi.tiangolo.com/tutorial/metadata/#metadata-for-api).

                **Example**

                Read more about it in the
                [FastAPI docs for Additional Responses in OpenAPI](https://fastapi.tiangolo.com/advanced/additional-responses/).

                And in the
                [FastAPI docs for Bigger Applications](https://fastapi.tiangolo.com/tutorial/bigger-applications/#include-an-apirouter-with-a-custom-prefix-tags-responses-and-dependencies).
                """

* Fix polarity of NodePort logic to avoid leaked ports ([#43259](https://github.com/kubernetes/kubernetes/pull/43259), [@thockin](https://github.com/thockin))
* Upgrade golang versions to 1.7.5 ([#41771](https://github.com/kubernetes/kubernetes/pull/41771), [@cblecker](https://github.com/cblecker))



# v1.5.6

* Patch CVE-2016-8859 in alpine based images: ([#42937](https://github.com/kubernetes/kubernetes/pull/42937), [@timstclair](https://github.com/timstclair))

    assertContent("This is secure HTTPS!", response)
  }

  @Test
  fun redirectToAnotherOriginServer() {
    redirectToAnotherOriginServer(false)
  }

  @Test
  fun redirectToAnotherOriginServerWithHttps() {
    redirectToAnotherOriginServer(true)
  }

  private fun redirectToAnotherOriginServer(https: Boolean) {
    if (https) {

    assertFailsWith<IllegalArgumentException> {
      requestBuilder.url("ftp://hostname/path")
    }.also { expected ->
      assertThat(expected.message).isEqualTo("Expected URL scheme 'http' or 'https' but was 'ftp'")
    }
  }

  @Test
  fun invalidPort() {
    val requestBuilder = Request.Builder()
    assertFailsWith<IllegalArgumentException> {
      requestBuilder.url("http://localhost:65536/")

   * use the {@code TreeMap} constructor directly, taking advantage of <a
   * href="https://docs.oracle.com/javase/tutorial/java/generics/genTypeInference.html#type-inference-instantiation">"diamond"
   * syntax</a>.
   *
   * @return a new, empty {@code TreeMap}
   */
  @SuppressWarnings({
    "rawtypes", // https://github.com/google/guava/issues/989
    "NonApiType", // acts as a direct substitute for a constructor call

   * use the {@code TreeMap} constructor directly, taking advantage of <a
   * href="https://docs.oracle.com/javase/tutorial/java/generics/genTypeInference.html#type-inference-instantiation">"diamond"
   * syntax</a>.
   *
   * @return a new, empty {@code TreeMap}
   */
  @SuppressWarnings({
    "rawtypes", // https://github.com/google/guava/issues/989
    "NonApiType", // acts as a direct substitute for a constructor call

that recognizes a commonly useful subset of URLs that are safe.\n *\n * Shoutout to Angular https://github.com/angular/angular/blob/12.2.x/packages/core/src/sanitization/url_sanitizer.ts\n */\nconst SAFE_URL_PATTERN = /^(?:(?:https?|mailto|ftp|tel|file|sms):|[^#&/:?]*(?:[#/?]|$))/i\n\n/**\n * A pattern that matches safe data URLs. Only matches image, video and audio types.\n *\n * Shoutout to Angular https://github.com/angular/angular/blob/12.2.x/packages/core/src/sanitization/url_sanitizer.ts\n */\nconst...