"application/x-xmind",
				"application/x-xz",
				"application/x-zoo",
				"application/x400-bp",
				"application/xcap-att+xml",
				"application/xcap-caps+xml",
				"application/xcap-el+xml",
				"application/xcap-error+xml",
				"application/xcap-ns+xml",
				"application/xcon-conference-info-diff+xml",
				"application/xcon-conference-info+xml",
				"application/xenc+xml",

    <glob pattern="*.zoo"/>
  </mime-type>

  <mime-type type="application/x400-bp"/>
  <mime-type type="application/xcap-att+xml"/>
  <mime-type type="application/xcap-caps+xml"/>
  <mime-type type="application/xcap-el+xml"/>
  <mime-type type="application/xcap-error+xml"/>
  <mime-type type="application/xcap-ns+xml"/>
  <mime-type type="application/xcon-conference-info-diff+xml"/>

	bp.Put(make([]byte, bp.w, bp.wcap-1)) // wrong capacity is rejected (less)
	bp.Put(make([]byte, bp.w, bp.wcap+1)) // wrong capacity is rejected (more)
	bp.Put(make([]byte, width))           // wrong capacity is rejected (very less)
	if len(bp.c) > 0 {
		t.Fatal("bytepool should have rejected invalid packets")
	}

	// Try putting a short slice into pool
	bp.Put(make([]byte, bp.w, bp.wcap)[:2])
	if len(bp.c) != 1 {

	}
	return &BytePoolCap{
		c:    make(chan []byte, maxSize),
		w:    width,
		wcap: capwidth,
	}
}

// Populate - populates and pre-warms the byte pool, this function is non-blocking.
func (bp *BytePoolCap) Populate() {
	for _, buf := range reedsolomon.AllocAligned(cap(bp.c), bp.wcap) {
		bp.Put(buf[:bp.w])
	}
}

// Get gets a []byte from the BytePool, or creates a new one if none are

type httpListener struct {
	opts        TCPOptions
	listeners   []net.Listener    // underlying TCP listeners.
	acceptCh    chan acceptResult // channel where all TCP listeners write accepted connection.
	ctxDoneCh   <-chan struct{}
	ctxCanceler context.CancelFunc
}

// start - starts separate goroutine for each TCP listener.  A valid new connection is passed to httpListener.acceptCh.
func (listener *httpListener) start() {

After this, the client and the server have an **encrypted TCP connection**, this is what TLS provides. And then they can use that connection to start the actual **HTTP communication**.

And that's what **HTTPS** is, it's just plain **HTTP** inside a **secure TLS connection** instead of a pure (unencrypted) TCP connection.

/// tip

* Шифрование соединения происходит на **уровне TCP**.
    * Это на один уровень **ниже HTTP**.
    * Поэтому **сертификаты и шифрование** обрабатываются **до HTTP**.
* **TCP не знает о «доменах»**. Только об IP-адресах.
    * Информация о **конкретном домене** передаётся в **данных HTTP**.

      check(connectState == ConnectState.READY)
      events += "plan $id TCP connecting..."

      taskFaker.sleep(tcpConnectDelayNanos)

      if (yieldBeforeTcpConnectReturns) {
        taskFaker.yield()
      }

      return when {
        tcpConnectThrowable != null -> {
          events += "plan $id TCP connect failed"

Após isso, o cliente e o servidor possuem uma conexão TCP encriptada, que é provida pelo TLS. E então eles podem usar essa conexão para começar a comunicação HTTP propriamente dita.

E isso resume o que é HTTPS, apenas HTTP simples dentro de uma conexão TLS segura em vez de uma conexão TCP pura (não encriptada).

/// tip | Dica

/// tip | Tipp

Beachten Sie, dass die Verschlüsselung der Kommunikation auf der **TCP-Ebene** und nicht auf der HTTP-Ebene erfolgt.

///

### HTTPS-Request { #https-request }

Da Client und Server (sprich, der Browser und der TLS-Terminierungsproxy) nun über eine **verschlüsselte TCP-Verbindung** verfügen, können sie die **HTTP-Kommunikation** starten.