.Builder()
        .clearHeaders()
        .addHeader("Cookie: s=square")
        .addHeader("Cookie: a=android")
        .addHeader("Cookies: delicious")
    builder.setHeader("cookie", "r=robot")
    assertThat(headersToList(builder)).containsExactly("Cookies: delicious", "cookie: r=robot")
  }

  @Test
  fun mockResponseSetHeaders() {
    val builder =
      MockResponse
        .Builder()

        assertEquals(0, response3.getTotal());

        SuggestResponse response4 = suggester.suggest().setQuery("delicious").setSuggestDetail(true).execute().getResponse();
        assertEquals(1, response4.getNum());
        assertEquals(1, response4.getTotal());
        assertEquals("delicious", response4.getWords().get(0));
    }

    @Test
    @SuppressWarnings("unchecked")

    otherwise. Do not persist these and assume they can be read by a future
    version of the library.

5.  Our classes are not designed to protect against a malicious caller. You
    should not use them for communication between trusted and untrusted code.

6.  For the mainline flavor, we test the libraries using OpenJDK 8, 11, and 17

			return true
		case segmentEnd-segmentStart == 1 && path[segmentStart] == '.':
			return true
		}
		i++
	}
	return false
}

// Check if client is sending a malicious request.
func hasMultipleAuth(r *http.Request) bool {
	authTypeCount := 0
	for _, hasValidAuth := range []func(*http.Request) bool{
		isRequestSignatureV2, isRequestPresignedSignatureV2,

    public void test_getPyFilePath_withDirectoryTraversal() {
        pythonJob.filename("../../malicious.py");

        String expectedPath = "WEB-INF" + File.separator + "env" + File.separator + "python" + File.separator + "resources" + File.separator
                + "//malicious.py";
        assertEquals(expectedPath, pythonJob.getPyFilePath());
    }

	if ok {
		parentInClaim, ok := p.(string)
		if !ok {
			// Reject malformed/malicious requests.
			return false
		}
		// The parent claim in the session token should be equal
		// to the parent detected in the backend
		if parentInClaim != parentUser {
			return false
		}
	} else {
		// This is needed so a malicious user cannot
		// use a leaked session key of another user
		// to widen its privileges.

		"User-Agent":                   []string{"A malicious request"},
		"X-Amz-Decoded-Content-Length": []string{"8"},
		"Content-Encoding":             []string{"aws-chunked"},
		"X-Amz-Trailer":                []string{"x-amz-checksum-crc32"},

* 📝 Reword in docs, from "have in mind" to "keep in mind". PR [#10376](https://github.com/tiangolo/fastapi/pull/10376) by [@malicious](https://github.com/malicious).
* 📝 Add External Link: Talk by Jeny Sadadia. PR [#10265](https://github.com/tiangolo/fastapi/pull/10265) by [@JenySadadia](https://github.com/JenySadadia).