*/
    protected boolean isFileSystemPath(final String url) {
        return ComponentUtil.getProtocolHelper().isFileSystemPath(url);
    }

    /**
     * Validates if the URL is safe for redirection.
     *
     * @param url the URL to validate
     * @return true if the URL is valid for redirection, false otherwise
     */
    protected boolean isValidRedirectUrl(final String url) {

     * Reloads the document index by closing and reopening it.
     *
     * @param form the action form (validated but not used for configuration)
     * @return HTML response redirecting to the maintenance page
     */
    @Execute
    @Secured({ ROLE })
    public HtmlResponse reloadDocIndex(final ActionForm form) {
        validate(form, messages -> {}, this::asIndexHtml);
        verifyToken(this::asIndexHtml);

            throw new SsoLoginException("unexpected set of artifacts received");
        }
    }

    /**
     * Validates the OAuth2 state parameter.
     * @param session The HTTP session containing stored state data.
     * @param state The state parameter to validate.
     * @return The validated state data.
     */
    protected StateData validateState(final HttpSession session, final String state) {

And then in our code, we parse that YAML content directly, and then we are again using the same Pydantic model to validate the YAML content:

{* ../../docs_src/path_operation_advanced_configuration/tutorial007_py39.py hl[24:31] *}

/// tip

Here we reuse the same Pydantic model.

But the same way, we could have validated it in some other way.

     */
    protected void write(final String path, final byte[] data) {
        validateFilePath(path);
        LdiFileUtil.write(path, data);
    }

    /**
     * Validates the file path.
     *
     * @param path the file path to validate
     */
    protected void validateFilePath(final String path) {
        if (StringUtil.isBlank(path)) {
            throw new IllegalArgumentException("File path cannot be empty");

///

### Read Heroes with `HeroPublic` { #read-heroes-with-heropublic }

We can do the same as before to **read** `Hero`s, again, we use `response_model=list[HeroPublic]` to ensure that the data is validated and serialized correctly.

{* ../../docs_src/sql_databases/tutorial002_an_py310.py ln[65:72] hl[65] *}

### Read One Hero with `HeroPublic` { #read-one-hero-with-heropublic }

We can **read** a single hero:

name: cffconvert

on:
  push:
    paths:
      - CITATION.cff

permissions:
  contents: read

jobs:
  validate:
    if: github.repository == 'tensorflow/tensorflow' # Don't do this in forks
    name: "validate"
    runs-on: ubuntu-latest
    steps:
      - name: Check out a copy of the repository
        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0

It would also mean that if you get data from the `Request` object directly (for example, read the body) it won't be validated, converted or documented (with OpenAPI, for the automatic API user interface) by FastAPI.

Although any other parameter declared normally (for example, the body with a Pydantic model) would still be validated, converted, annotated, etc.

But there are specific cases where it's useful to get the `Request` object.

    client = TestClient(mod.app)
    response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Could not validate credentials"}
    assert response.headers["WWW-Authenticate"] == 'Bearer scope="me"'


def test_incorrect_token_type(mod: ModuleType):
    client = TestClient(mod.app)
    response = client.get(

     * Show the edit page.
     * @param form The edit form.
     * @return The HTML response.
     */
    @Execute
    @Secured({ ROLE })
    public HtmlResponse edit(final EditForm form) {
        validate(form, messages -> {}, this::asListHtml);
        final String id = form.id;
        accessTokenService.getAccessToken(id).ifPresent(entity -> {
            copyBeanToBean(entity, form,