public static Escaper xmlAttributeEscaper() {
    return XML_ATTRIBUTE_ESCAPER;
  }

  private static final Escaper XML_ESCAPER;
  private static final Escaper XML_CONTENT_ESCAPER;
  private static final Escaper XML_ATTRIBUTE_ESCAPER;

  static {
    Escapers.Builder builder = Escapers.builder();
    // The char values \uFFFE and \uFFFF are explicitly not allowed in XML

    }

    /**
     * Escapes specific characters in a query string.
     * Replaces each specified character with its escaped version (prefixed with backslash).
     *
     * @param q the query string to escape
     * @param values the characters to escape
     * @return the escaped query string
     */
    protected String escape(final String q, final String... values) {
        String value = q;

 *
 */
public class JsonUtil {

    /**
     * Defualt constructor.
     */
    protected JsonUtil() {
    }

    /**
     * Escapes a value as Json string.
     *
     * @param value input
     * @return escaped string.
     */
    public static String escape(final String value) {
        if (value == null) {
            return null;
        }

        char c;
        final int len = value.length();

    }

    /**
     * Escapes a callback name.
     * @param callbackName The callback name.
     * @return The escaped callback name.
     */
    protected String escapeCallbackName(final String callbackName) {
        return "/**/" + callbackName.replaceAll("[^0-9a-zA-Z_\\$\\.]", StringUtil.EMPTY);
    }

    /**
     * Escapes a JSON object.
     * @param obj The object to escape.

            return OptionalThing.of(key.toString());
        }
        return OptionalThing.empty();
    }

    /**
     * Escapes special characters in a value string for safe logging.
     *
     * @param action the string value to escape
     * @return the escaped string with tabs replaced by spaces
     */
    protected String escapeValue(final String action) {
        return action.replace('\t', ' ');
    }

            return escape(s) + ".*";
        }
        final StringBuilder buf = new StringBuilder(100);
        return appendFileterPath(buf, escape(s));
    }

    /**
     * Escapes special regex characters in a string to create a literal pattern.

        return StringUtil.EMPTY;
    }

    /**
     * Escapes HTML and applies highlighting to text.
     * Handles boundary position detection if enabled.
     *
     * @param text the text to process
     * @return the escaped and highlighted text
     */
    protected String escapeHighlight(final String text) {
        final String escaped = LaFunctions.h(text);
        final String value;

            }
        }
        return null;
    }

    /**
     * Escapes special characters in an LDAP search filter to prevent injection attacks.
     *
     * @param filter the LDAP search filter to escape
     * @return the escaped filter string
     */
    protected String escapeLDAPSearchFilter(String filter) {
        final StringBuilder sb = new StringBuilder();

## Verifique os `scopes`

Nós verificamos agora que todos os escopos necessários, por essa dependência e todos os dependentes (incluindo as *operações de rota*) estão incluídas nos escopos fornecidos pelo token recebido, caso contrário, levantamos uma `HTTPException`.

Para isso, nós utilizamos `security_scopes.scopes`, que contém uma `list` com todos esses escopos como uma `str`.

{* ../../docs_src/security/tutorial005_an_py310.py hl[129:135] *}

Nevertheless, you still enforce those scopes, or any other security/authorization requirement, however you need, in your code.

In many cases, OAuth2 with scopes can be an overkill.

But if you know you need it, or you are curious, keep reading.

///

## OAuth2 scopes and OpenAPI { #oauth2-scopes-and-openapi }