<year>2025</year>
					</properties>
					<headerDefinitions>
						<headerDefinition>https://www.codelibs.org/assets/license/header-definition-2.xml</headerDefinition>
					</headerDefinitions>
					<licenseSets>
						<licenseSet>
							<header>https://www.codelibs.org/assets/license/header.txt</header>
							<includes>
								<include>src/**/*.java</include>
							</includes>
						</licenseSet>
					</licenseSets>

            /*
             * A word about communicating header info to andx smbs
             *
             * This is where we recursively invoke the provided andx smb
             * object to write it's parameter words and bytes to our outgoing
             * array. Incedentally when these andx smbs are created they are not
             * necessarily populated with header data because they're not writing

{* ../../docs_src/advanced_middleware/tutorial001.py hl[2,6] *}

## `TrustedHostMiddleware` { #trustedhostmiddleware }

Enforces that all incoming requests have a correctly set `Host` header, in order to guard against HTTP Host Header attacks.

{* ../../docs_src/advanced_middleware/tutorial002.py hl[2,6:8] *}

The following arguments are supported:

* `headers` - A `dict` of strings.
* `media_type` - A `str` giving the media type. E.g. `"text/html"`.

FastAPI (actually Starlette) will automatically include a Content-Length header. It will also include a Content-Type header, based on the `media_type` and appending a charset for text types.

{* ../../docs_src/response_directly/tutorial002.py hl[1,18] *}

### `HTMLResponse` { #htmlresponse }

     *
     * @param encryptedMessage
     *            encrypted message with transform header
     * @return decrypted plaintext message
     * @throws CIFSException
     *             if decryption fails
     */
    public byte[] decryptMessage(final byte[] encryptedMessage) throws CIFSException {
        try {
            // Parse transform header

        byte[] buffer = new byte[512];
        int offset = 0;

        // Set header start position for the response
        setHeaderStart(response, 64);

        // Write structure header (9 bytes)
        SMBUtil.writeInt2(9, buffer, offset); // Structure size
        SMBUtil.writeInt2(80 - 64, buffer, offset + 2); // Buffer offset (relative to header)
        SMBUtil.writeInt4(50, buffer, offset + 4); // Total length of notification data

OpenAPI definiert die folgenden Sicherheitsschemas:

* `apiKey`: ein anwendungsspezifischer Schlüssel, der stammen kann von:
    * Einem Query-Parameter.
    * Einem Header.
    * Einem Cookie.
* `http`: Standard-HTTP-Authentifizierungssysteme, einschließlich:
    * `bearer`: ein Header `Authorization` mit dem Wert `Bearer` plus einem Token. Dies wird von OAuth2 geerbt.
    * HTTP Basic Authentication.
    * HTTP Digest, usw.

# HTTP Basic Auth { #http-basic-auth }

For the simplest cases, you can use HTTP Basic Auth.

In HTTP Basic Auth, the application expects a header that contains a username and a password.

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

     *
     * @return the errorContextCount
     */
    public final byte getErrorContextCount() {
        return this.errorContextCount;
    }

    /**
     * Gets the header start position for this message.
     *
     * @return the headerStart
     */
    public final int getHeaderStart() {
        return this.headerStart;
    }

    /**

     */
    @Override
    protected int readBytesWireFormat(final byte[] buffer, final int bufferIndex) throws SMBProtocolDecodingException {
        // SmbComSeekResponse has no additional data to read beyond header
        return 0;
    }