val connectionPool: RealConnectionPool,
  override val route: Route,
  /** The low-level TCP socket. */
  private var rawSocket: Socket?,
  /**
   * The application layer socket. Either an [SSLSocket] layered over [rawSocket], or [rawSocket]
   * itself if this connection does not use SSL.
   */
  private var socket: Socket?,
  private var handshake: Handshake?,
  private var protocol: Protocol?,

  // These properties are initialized by connect() and never reassigned.

  /** The low-level TCP socket. */
  private var rawSocket: Socket? = null

  /**
   * The application layer socket. Either an [SSLSocket] layered over [rawSocket], or [rawSocket]
   * itself if this connection does not use SSL.
   */
  internal var socket: Socket? = null
  private var handshake: Handshake? = null
  private var protocol: Protocol? = null

## Version 4.7.0

_2020-05-17_

 *  New: `HandshakeCertificates.Builder.addInsecureHost()` makes it easy to turn off security in
    private development environments that only carry test data. Prefer this over creating an
    all-trusting `TrustManager` because only hosts on the allowlist are insecure. From
    [our DevServer sample][dev_server]:

    ```kotlin
    val clientCertificates = HandshakeCertificates.Builder()

   * but the corresponding responses will not be stored.
   */
  @Throws(IOException::class)
  fun evictAll() {
    cache.evictAll()
  }

  /**
   * Returns an iterator over the URLs in this cache. This iterator doesn't throw
   * `ConcurrentModificationException`, but if new responses are added while iterating, their URLs

      else -> error("unexpected rangesIndex for $codePoint")
    }

    return true
  }

  /**
   * Binary search [sections] for [codePoint], looking at its top 14 bits.
   *
   * This binary searches over 4-byte entries, and so it needs to adjust binary search indices
   * in (by dividing by 4) and out (by multiplying by 4).
   */
  private fun findSectionsIndex(codePoint: Int): Int {

        }
      }
    }

    return response
  }

  /**
   * Returns a new source that writes bytes to [cacheRequest] as they are read by the source
   * consumer. This is careful to discard bytes left over when the stream is closed; otherwise we
   * may never exhaust the source stream and therefore not complete the cached response.
   */
  @Throws(IOException::class)
  private fun cacheWritingResponse(

   * in practice. To simplify the implementation, we've avoided implementing the flexible rules in
   * favor of supporting what's actually used in practice. That means if these assertions ever fail,
   * the implementation will need to be revisited to support a more flexible rule.
   */
  private fun assertWildcardRule(rule: String) {
    check(rule.startsWith(WILDCARD_CHAR)) {

 *  Fix: Don't crash when a fast fallback call has both a deferred connection and a held connection.
 *  Fix: `OkHttpClient` no longer implements `Cloneable`. It never should have; the class is
    immutable. This is left over from OkHttp 2.x (!) when that class was mutable. We're using the
    5.x upgrade as an opportunity to remove very obsolete APIs.
 *  Fix: Recover gracefully when Android's `NativeCrypto` crashes with `"ssl == null"`. This occurs

  }

  @JvmStatic
  val windows: Boolean
    get() = System.getProperty("os.name", "?").startsWith("Windows")

  /**
   * Make assertions about the suppressed exceptions on this. Prefer this over making direct calls
   * so tests pass on GraalVM, where suppressed exceptions are silently discarded.
   *
   * https://github.com/oracle/graal/issues/3008
   */
  @JvmStatic

            sameSite = attributeValue
          }
        }

        pos = attributePairEnd + 1
      }

      // If 'Max-Age' is present, it takes precedence over 'Expires', regardless of the order the two
      // attributes are declared in the cookie string.
      if (deltaSeconds == Long.MIN_VALUE) {
        expiresAt = Long.MIN_VALUE
      } else if (deltaSeconds != -1L) {