}

	cred.scope.region = credElements[1]
	// Verify if region is valid.
	sRegion := cred.scope.region
	// Region is set to be empty, we use whatever was sent by the
	// request and proceed further. This is a work-around to address
	// an important problem for ListBuckets() getting signed with
	// different regions.
	if region == "" {
		region = sRegion
	}

			}
			arns = append(arns, targetID.ToARN(region).String())
		}
	}

	return arns
}

// Loads notification policies for all buckets into EventNotifier.
func (evnot *EventNotifier) set(bucket BucketInfo, meta BucketMetadata) {
	config := meta.notificationConfig
	if config == nil {
		return
	}
	config.SetRegion(globalSite.Region)
	if err := config.Validate(globalSite.Region, globalEventNotifier.targetList); err != nil {

        final String origin = httpRequest.getHeader("Origin");
        if (StringUtil.isNotBlank(origin)) {
            if (logger.isDebugEnabled()) {
                logger.debug("HTTP Request: {}", httpRequest.getMethod());
            }
            final CorsHandlerFactory factory = ComponentUtil.getCorsHandlerFactory();
            final CorsHandler handler = factory.get(origin);
            if (handler != null) {

	referrerPolicy := env.Get(EnvBrowserReferrerPolicy, kvs.GetWithDefault(browserReferrerPolicy, DefaultKVS))
	switch referrerPolicy {
	case "no-referrer", "no-referrer-when-downgrade", "origin", "origin-when-cross-origin", "same-origin", "strict-origin", "strict-origin-when-cross-origin", "unsafe-url":
		cfg.ReferrerPolicy = referrerPolicy
	default:
		return cfg, fmt.Errorf("invalid value %v for %s", referrerPolicy, browserReferrerPolicy)
	}

		Partition:    arnPartitionMinio,
		Service:      arnServiceIAM,
		Region:       serverRegion,
		ResourceType: arnResourceTypeRole,
		ResourceID:   resourceID,
	}, nil
}

// String - returns string representation of the ARN.
func (arn ARN) String() string {
	return strings.Join(
		[]string{
			arnPrefixArn,
			arn.Partition,
			arn.Service,
			arn.Region,
			"", // account-id is always empty in this implementation

    public void add(final String origin, final CorsHandler handler) {
        if (logger.isDebugEnabled()) {
            logger.debug("Loaded {}", origin);
        }
        handerMap.put(origin, handler);
    }

    public CorsHandler get(final String origin) {
        final CorsHandler handler = handerMap.get(origin);
        if (handler != null) {
            return handler;
        }

package org.codelibs.fess.cors;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

public abstract class CorsHandler {

    protected static final String ACCESS_CONTROL_ALLOW_ORIGIN = "Access-Control-Allow-Origin";

    protected static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";

    protected static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";

		want string
	}{
		{
			arn: ARN{
				Partition:    "minio",
				Service:      "iam",
				Region:       "us-east-1",
				ResourceType: "role",
				ResourceID:   "my-role",
			},
			want: "arn:minio:iam:us-east-1::role/my-role",
		},
		{
			arn: ARN{
				Partition:    "minio",
				Service:      "",
				Region:       "us-east-1",
				ResourceType: "role",
				ResourceID:   "my-role",
			},

	}
	return newAPIEndpoints
}

// Prints common server startup message. Prints credential, region and browser access.
func printServerCommonMsg(apiEndpoints []string) {
	// Get saved credentials.
	cred := globalActiveCred

	// Get saved region.
	region := globalSite.Region

	apiEndpointStr := strings.TrimSpace(strings.Join(apiEndpoints, "  "))
	// Colorize the message and print.

	// Set the "Server" http header.
	w.Header().Set(xhttp.ServerInfo, MinioStoreName)

	// Set `x-amz-bucket-region` only if region is set on the server
	// by default minio uses an empty region.
	if region := globalSite.Region; region != "" {
		w.Header().Set(xhttp.AmzBucketRegion, region)
	}
	w.Header().Set(xhttp.AcceptRanges, "bytes")

	// Remove sensitive information
	crypto.RemoveSensitiveHeaders(w.Header())
}