## Pin your `fastapi` version { #pin-your-fastapi-version }

The first thing you should do is to "pin" the version of **FastAPI** you are using to the specific latest version that you know works correctly for your application.

For example, let's say you are using version `0.112.0` in your app.

    # class "feature"
    assert is_uploadfile_sequence_annotation(list[str] | list[UploadFile])


def test_serialize_sequence_value_with_optional_list():
    """Test that serialize_sequence_value handles optional lists correctly."""
    from fastapi._compat import v2

    field_info = FieldInfo(annotation=list[str] | None)
    field = v2.ModelField(name="items", field_info=field_info)

You will see the automatic API docs for the sub-application, including only its own _path operations_, all under the correct sub-path prefix `/subapi`:

<img src="/img/tutorial/sub-applications/image02.png">

If you try interacting with any of the two user interfaces, they will work correctly, because the browser will be able to talk to each specific app or sub-app.

### Technical Details: `root_path` { #technical-details-root-path }

        // Wrap it in ServletRuntimeException
        ServletRuntimeException runtimeException = new ServletRuntimeException(servletException);

        // Verify that the cause is correctly set
        assertNotNull(runtimeException);
        assertEquals(servletException, runtimeException.getCause());

        // Verify that the message is preserved from the cause

{* ../../docs_src/advanced_middleware/tutorial001_py310.py hl[2,6] *}

## `TrustedHostMiddleware` { #trustedhostmiddleware }

Enforces that all incoming requests have a correctly set `Host` header, in order to guard against HTTP Host Header attacks.

{* ../../docs_src/advanced_middleware/tutorial002_py310.py hl[2,6:8] *}

The following arguments are supported:

import com.google.common.io.BaseEncoding;

public class FacetResponseTest extends UnitFessTestCase {

    @Test
    public void test_base64_encoding_decoding() {
        // Test that base64 encoding and decoding works correctly
        String originalString = "test field with spaces";
        String encoded = BaseEncoding.base64().encode(originalString.getBytes(StandardCharsets.UTF_8));

 * limitations under the License.
 */

package gradlebuild.buildutils.tasks

import spock.lang.Specification

class PreparePatchReleaseTest extends Specification {

    def "patch version is correctly bumped"() {
        expect:
        ReleasedVersionsHelperKt.bumpPatchVersion(input) == expected

        where:
        input   | expected
        "9.4.0" | "9.4.1"
        "9.4.1" | "9.4.2"

  }

  /*
   * This is somewhat of a weak test; we verify that all of the methods are
   * correct, but not that they're actually forwarding correctly. We also rely
   * on the other tests (e.g., SynchronizedSetTest) to verify that the
   * collection views are synchronized correctly.
   */

  public void testSize() {
    int unused = create().size();
  }

  public void testIsEmpty() {

  }

  /*
   * This is somewhat of a weak test; we verify that all of the methods are
   * correct, but not that they're actually forwarding correctly. We also rely
   * on the other tests (e.g., SynchronizedSetTest) to verify that the
   * collection views are synchronized correctly.
   */

  public void testSize() {
    int unused = create().size();
  }

  public void testIsEmpty() {

## Wildcards { #wildcards }

It's also possible to declare the list as `"*"` (a "wildcard") to say that all are allowed.

But that will only allow certain types of communication, excluding everything that involves credentials: Cookies, Authorization headers like those used with Bearer Tokens, etc.

So, for everything to work correctly, it's better to specify explicitly the allowed origins.