* stores information-per-URL will need to either canonicalize manually, or suffer unnecessary
 * redundancy for such URLs.
 *
 * Because they don't attempt canonical form, these classes are surprisingly difficult to use
 * securely. Suppose you're building a webservice that checks that incoming paths are prefixed
 * "/static/images/" before serving the corresponding assets from the filesystem.
 *
 * ```java

	public final fun check (Ljava/lang/String;[Ljava/security/cert/Certificate;)V
	public fun equals (Ljava/lang/Object;)Z
	public final fun findMatchingPins (Ljava/lang/String;)Ljava/util/List;
	public final fun getPins ()Ljava/util/Set;
	public fun hashCode ()I
	public static final fun pin (Ljava/security/cert/Certificate;)Ljava/lang/String;
	public static final fun sha1Hash (Ljava/security/cert/X509Certificate;)Lokio/ByteString;

	public final fun check (Ljava/lang/String;[Ljava/security/cert/Certificate;)V
	public fun equals (Ljava/lang/Object;)Z
	public final fun findMatchingPins (Ljava/lang/String;)Ljava/util/List;
	public final fun getPins ()Ljava/util/Set;
	public fun hashCode ()I
	public static final fun pin (Ljava/security/cert/Certificate;)Ljava/lang/String;
	public static final fun sha1Hash (Ljava/security/cert/X509Certificate;)Lokio/ByteString;

 */

package jcifs.smb;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Collections;
import java.util.EnumSet;
import java.util.List;
import java.util.Objects;
import java.util.Set;

    Alternatively, OkHttp will also use Conscrypt if you install it as your
    preferred security provider. To do so, add the following code to execute
    before you create your `OkHttpClient`.

    ```
    Security.insertProviderAt(
        new org.conscrypt.OpenSSLProvider(), 1);
    ```

    Conscrypt is the bundled security provider on Android so it is not necessary
    to configure it on that platform.

cookie.search.parameter.name=fsrp
# Whether to set HttpOnly attribute to the search parameter cookie.
cookie.search.parameter.http_only=true
# Whether to set Secure attribute to the search parameter cookie. Should be true in production environments using HTTPS.
cookie.search.parameter.secure=
# Max-Age (in seconds) for the search parameter cookie. Use -1 for session-only cookies.
cookie.search.parameter.max_age=60

  * Add `kubectl rollout status`
* Security/Auth
  * L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
  * Setting TLS1.2 minimum
  * `kubectl create secret tls` command
  * Webhook Token Authenticator
  * **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
* Kubectl
  * Display line number on JSON errors

        if (socketFactory != this.socketFactory) {
          this.routeDatabase = null
        }

        this.socketFactory = socketFactory
      }

    /**
     * Sets the socket factory used to secure HTTPS connections. If unset, the system default will
     * be used.
     *
     * @deprecated [SSLSocketFactory] does not expose its [X509TrustManager], which is a field that

import java.io.InterruptedIOException;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.ListIterator;
import java.util.Locale;
import java.util.Set;

                                "shared;/share/shared;no;no;no;all;" + USERNAME + ";all;all", "-g", "log level = 1", "-g",
                                "security = user", "-g", "map to guest = bad user")
                        .withLogConsumer(new Slf4jLogConsumer(LoggerFactory.getLogger(SmbFileIntegrationTest.class)))