// Test simple escape of '&'.
    assertEquals("foo&bar", htmlEscaper().escape("foo&bar"));

    // If the string contains no escapes, it should return the arg.
    // Note: assert<b>Same</b> for this implementation.
    String s = "blah blah farhvergnugen";
    assertSame(s, htmlEscaper().escape(s));

    // Tests escapes at begin and end of string.
    assertEquals("&lt;p&gt;", htmlEscaper().escape("<p>"));

    // Test simple escape of '&'.
    assertEquals("foo&bar", htmlEscaper().escape("foo&bar"));

    // If the string contains no escapes, it should return the arg.
    // Note: assert<b>Same</b> for this implementation.
    String s = "blah blah farhvergnugen";
    assertSame(s, htmlEscaper().escape(s));

    // Tests escapes at begin and end of string.
    assertEquals("&lt;p&gt;", htmlEscaper().escape("<p>"));

    // Test quotes are escaped.
    assertEquals(""test"", xmlAttributeEscaper.escape("\"test\""));
    assertEquals("'test'", xmlAttributeEscaper.escape("'test'"));
    // Test all escapes
    assertEquals(
        "a&quot;b&lt;c&gt;d&amp;e&quot;f&apos;", xmlAttributeEscaper.escape("a\"b<c>d&e\"f'"));
    // Test '\t', '\n' and '\r' are escaped.

    }

    /**
     * Escapes a callback name.
     * @param callbackName The callback name.
     * @return The escaped callback name.
     */
    protected String escapeCallbackName(final String callbackName) {
        return "/**/" + callbackName.replaceAll("[^0-9a-zA-Z_\\$\\.]", StringUtil.EMPTY);
    }

    /**
     * Escapes a JSON object.
     * @param obj The object to escape.

            return escape(s) + ".*";
        }
        final StringBuilder buf = new StringBuilder(100);
        return appendFileterPath(buf, escape(s));
    }

    /**
     * Escapes special regex characters in a string to create a literal pattern.

                return fessConfig.getRoleSearchGroupPrefix();
            }
        }
        return null;
    }

    /**
     * Escapes special characters in an LDAP search filter to prevent LDAP injection attacks.
     *
     * <p>This method escapes the following characters as per RFC 4515:
     * <ul>
     * <li>\ (backslash) → \5c</li>
     * <li>* (asterisk) → \2a</li>

        return StringUtil.EMPTY;
    }

    /**
     * Escapes HTML and applies highlighting to text.
     * Handles boundary position detection if enabled.
     *
     * @param text the text to process
     * @return the escaped and highlighted text
     */
    protected String escapeHighlight(final String text) {
        final String escaped = LaFunctions.h(text);
        final String value;

the digits in the corresponding base.
</p>

<p>
Although these representations all result in an integer, they have
different valid ranges.  Octal escapes must represent a value between
0 and 255 inclusive.  Hexadecimal escapes satisfy this condition
by construction. The escapes <code>\u</code> and <code>\U</code>
represent Unicode code points so within them some values are illegal,

No obstante, tú aún impones esos scopes, o cualquier otro requisito de seguridad/autorización, como necesites, en tu código.

En muchos casos, OAuth2 con scopes puede ser un exceso.

Pero si sabes que lo necesitas, o tienes curiosidad, sigue leyendo.

///

## Scopes de OAuth2 y OpenAPI { #oauth2-scopes-and-openapi }

from fastapi import FastAPI
from fastapi.middleware.wsgi import WSGIMiddleware
from flask import Flask, request
from markupsafe import escape

flask_app = Flask(__name__)


@flask_app.route("/")
def flask_main():
    name = request.args.get("name", "World")
    return f"Hello, {escape(name)} from Flask!"


app = FastAPI()


@app.get("/v2")
def read_main():
    return {"message": "Hello World"}