final String forwardedProto = request.getHeader("X-Forwarded-Proto");
            if ("https".equalsIgnoreCase(forwardedProto)) {
                return true;
            }
            return request.isSecure();
        }
        return Constants.TRUE.equalsIgnoreCase(secure);
    }

    /**
     * Interface for rewriting search request parameters.
     *

     */
    protected InputStream bodyStream;

    /**
     * The compression type for the request.
     */
    protected String compression = null;

    /**
     * The SSL socket factory for secure connections.
     */
    protected SSLSocketFactory sslSocketFactory = null;

    /**
     * The thread pool for executing the request.
     */
    protected ForkJoinPool threadPool;

    /**

 * which is commonly used for Kerberos-based authentication in Windows environments.
 * It handles the negotiation between client and server to establish a secure
 * authentication context without requiring users to explicitly enter credentials.
 *
 * The authenticator supports various configuration options including delegation,

     * This method searches for 'fess_ds++.xml' configuration files within JAR files
     * in the data store plugin directory and extracts component class names.
     *
     * <p>The method uses secure XML parsing features to prevent XXE attacks and
     * other XML-based vulnerabilities. Component class names are extracted from
     * the 'class' attribute of 'component' elements in the XML files.</p>
     *

import jakarta.servlet.ServletOutputStream;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

/**
 * API manager for search engine administrative operations.
 * Provides secure access to search engine APIs through authentication and token-based authorization.
 */
public class SearchEngineApiManager extends BaseApiManager {
    private static final String ADMIN_SERVER = "/admin/server_";

     */
    public GsaConfigParser() {
        super();
    }

    /**
     * Parses a GSA configuration XML file from the given input source.
     * This method configures a secure SAX parser and processes the XML content
     * to extract configuration information for web and file crawling.
     *
     * @param is the input source containing the GSA configuration XML

				"application/vnd.etsi.sci+xml",
				"application/vnd.etsi.simservs+xml",
				"application/vnd.eudora.data",
				"application/vnd.ezpix-album",
				"application/vnd.ezpix-package",
				"application/vnd.f-secure.mobile",
				"application/vnd.fdf",
				"application/vnd.fdsn.mseed",
				"application/vnd.fdsn.seed",
				"application/vnd.ffsns",
				"application/vnd.fints",
				"application/vnd.flographit",

cookie.search.parameter.name=fsrp
# Whether to set HttpOnly attribute to the search parameter cookie.
cookie.search.parameter.http_only=true
# Whether to set Secure attribute to the search parameter cookie. Should be true in production environments using HTTPS.
cookie.search.parameter.secure=
# Max-Age (in seconds) for the search parameter cookie. Use -1 for session-only cookies.
cookie.search.parameter.max_age=60

     */
    boolean isCookieSearchParameterHttpOnly();

    /**
     * Get the value for the key 'cookie.search.parameter.secure'. <br>
     * The value is, e.g.  <br>
     * comment: Whether to set Secure attribute to the search parameter cookie. Should be true in production environments using HTTPS.

                httpClientBuilder.setSSLContext(sslContext);
                logger.warn(
                        "SSL certificate validation is disabled. This configuration is insecure and should only be used in development/testing environments.");
                return new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE);
            } catch (final Exception e) {