## Use `CORSMiddleware` { #use-corsmiddleware }

You can configure it in your **FastAPI** application using the `CORSMiddleware`.

* Import `CORSMiddleware`.
* Create a list of allowed origins (as strings).
* Add it as a "middleware" to your **FastAPI** application.

You can also specify whether your backend allows:

            assertTrue(e.getMessage().contains("not allowed"));
        }

        // Should allow other paths
        String allowed = validator.validatePath("\\share\\allowed\\file.txt");
        assertEquals("\\share\\allowed\\file.txt", allowed);
    }

    @Test
    public void testWhitelist() throws Exception {
        validator.addToWhitelist("\\share\\allowed");

        // Should allow whitelisted path

    }

    /**
     * Creates a custom filter that allows only the specified class patterns.
     * <p>
     * Patterns can be exact class names or use wildcards with '*' at the end.
     * For example: "com.example.*" allows all classes in the com.example package.
     * </p>
     *
     * @param allowedPatterns the patterns of classes to allow

        }

        /**
         * Checks if the given path is allowed according to this directive.
         * According to RFC 9309:
         * 1. Find the longest matching pattern (by priority length)
         * 2. If both Allow and Disallow patterns match with the same length, Allow takes precedence
         * 3. If no pattern matches, the path is allowed by default
         *
         * @param path the path to check

        // Normal authentication should be allowed
        assertTrue(rateLimiter.checkAttempt("user1", "192.168.1.1"), "First attempt should be allowed");

        // Record success
        rateLimiter.recordSuccess("user1", "192.168.1.1");

        // Should still be allowed
        assertTrue(rateLimiter.checkAttempt("user1", "192.168.1.1"), "After success should be allowed");
    }

    @Test

	if s3Err != ErrNone {
		return cred, s3Err
	}
	if globalIAMSys.IsAllowed(policy.Args{
		AccountName:     cred.AccessKey,
		Groups:          cred.Groups,
		Action:          policy.Action(action),
		ConditionValues: getConditionValues(r, "", cred),
		IsOwner:         owner,
		Claims:          cred.Claims,
	}) {
		// Request is allowed return the appropriate access key.
		return cred, ErrNone
	}

    allow_inf_nan: Annotated[
        Union[bool, None],
        Doc(
            """
            Allow `inf`, `-inf`, `nan`. Only applicable to numbers.
            """
        ),
    ] = _Unset,
    max_digits: Annotated[
        Union[int, None],
        Doc(
            """
            Maximum number of allow digits for strings.
            """
        ),
    ] = _Unset,
    decimal_places: Annotated[

   ├─ CAs
   ├─ private.key
   └─ public.crt
```

You can provide a custom certs directory using `--certs-dir` command line option.

#### Credentials

On MinIO admin credentials or root credentials are only allowed to be changed using ENVs namely `MINIO_ROOT_USER` and `MINIO_ROOT_PASSWORD`.

```sh
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio13
minio server /data
```

#### Site

```
KEY:

        validator.validatePath("\\share\\folder\\file.txt");
        validator.validatePath("C:\\Windows\\System32");
        validator.validatePath(null); // Null should be allowed
        validator.validatePath(""); // Empty should be allowed
    }

    @Test
    public void testPathTooLong() throws Exception {
        String longPath = "\\share" + "\\folder".repeat(5000);
        assertThrows(SmbException.class, () -> {

        }
        return true;
    }

    /**
     * Checks if the given value matches any of the specified protocols.
     *
     * @param protocols the allowed protocols
     * @param value the URI string to validate
     * @return true if the value matches allowed protocols, false otherwise
     */
    protected static boolean check(final String[] protocols, final String value) {
        final String[] paths = value.split("[\r\n]");