}
    check(rule.indexOf(WILDCARD_CHAR, 1) == -1) {
      """Wildcard Assertion Failure: '$rule'
A wildcard rule was added with multiple wildcards! We'll need to change ${PublicSuffixDatabase::class.java.name} to handle this."""
    }
    check(rule.length != 1) {
      """Wildcard Assertion Failure: '$rule'

  val proxies: MutableList<Proxy> = mutableListOf()

  fun addProxy(proxy: Proxy): FakeProxySelector {
    proxies.add(proxy)
    return this
  }

  override fun select(uri: URI): List<Proxy> {
    // Don't handle 'socket' schemes, which the RI's Socket class may request (for SOCKS).
    return if (uri.scheme == "http" || uri.scheme == "https") proxies else listOf(Proxy.NO_PROXY)
  }

  override fun connectFailed(
    uri: URI,

     * with other sources.
     *
     * **Warning:** callers to this method must immediately call [newSource] to create a source and
     * close that when they're done. Otherwise a handle to [file] will be leaked.
     */
    @Throws(IOException::class)
    fun edit(
      file: File,
      upstream: Source,
      metadata: ByteString,
      bufferMaxSize: Long,
    ): Relay {

assertEquals("{}", request.getBody().readUtf8());
```

#### Dispatcher

By default MockWebServer uses a queue to specify a series of responses. Use a
Dispatcher (`import okhttp3.mockwebserver.Dispatcher`) to handle requests using another policy. One natural policy is to
dispatch on the request path.
You can, for example, filter the request instead of using `server.enqueue()`.

```java

      if (!response.isSuccessful) throw IOException("Unexpected code $response")

      println(response.body.string())
    }
  }
}

object ConsoleCallbackHandler : CallbackHandler {
  override fun handle(callbacks: Array<Callback>) {
    for (callback in callbacks) {
      if (callback is PasswordCallback) {
        val console = System.console()

        if (console != null) {

import okio.ByteString.Companion.toByteString

/**
 * Constrains which certificates are trusted. Pinning certificates defends against attacks on
 * certificate authorities. It also prevents connections through man-in-the-middle certificate
 * authorities either known or unknown to the application's user.
 * This class currently pins a certificate's Subject Public Key Info as described on

 *
 *  * [TCP handshake][connectSocket]
 *  * Optional [CONNECT tunnels][connectTunnel]. When using an HTTP proxy to reach an HTTPS server
 *    we must send a `CONNECT` request, and handle authorization challenges from the proxy.
 *  * Optional [TLS handshake][connectTls].
 *
 * Each step may fail. If a retry is possible, a new instance is created with the next plan, which
 * will be configured differently.
 */

 *    other properties.
 *
 * Certificates are signed by other certificates and a sequence of them is called a certificate
 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *
 * Browsers and other HTTP clients need a set of trusted root certificates to authenticate their

      .assertFailureMatches("(?s)Hostname localhost not verified.*")
  }

  /**
   * Anonymous cipher suites were disabled in OpenJDK because they're rarely used and permit
   * man-in-the-middle attacks. https://bugs.openjdk.java.net/browse/JDK-8212823
   */
  @Test
  fun anonCipherSuiteUnsupported() {
    platform.assumeNotConscrypt()
    platform.assumeNotBouncyCastle()

  ): Boolean =
    when {
      // Server sent a 100-continue even though we did not request one. Try again to read the
      // actual response status.
      code == 100 -> true

      // Handle Processing (102) & Early Hints (103) and any new codes without failing
      // 100 and 101 are the exceptions with different meanings
      // But Early Hints not currently exposed
      code in (102 until 200) -> true