The zoneinfo.zip archive contains time zone files compiled using
the code and data maintained as part of the IANA Time Zone Database.
The IANA asserts that the database is in the public domain.

For more information, see
https://www.iana.org/time-zones
ftp://ftp.iana.org/tz/code/tz-link.html
https://datatracker.ietf.org/doc/html/rfc6557

```Python hl_lines="2  6-8"
{!../../../docs_src/advanced_middleware/tutorial002.py!}
```

Die folgenden Argumente werden unterstützt:

* `allowed_hosts` – Eine Liste von Domain-Namen, die als Hostnamen zulässig sein sollten. Wildcard-Domains wie `*.example.com` werden unterstützt, um Subdomains zu matchen. Um jeden Hostnamen zu erlauben, verwenden Sie entweder `allowed_hosts=["*"]` oder lassen Sie diese Middleware weg.

    ISTIO_METAJSON_LABELS: '{"service.istio.io/canonical-name":"foo","service.istio.io/canonical-revision":"latest"}'
    POD_NAMESPACE: bar
    PROXY_CONFIG_ANNOT_VALUE: bar
    SERVICE_ACCOUNT: vm-serviceaccount
    TRUST_DOMAIN: ""
  readinessProbe:
    httpGet:

    ISTIO_METAJSON_LABELS: '{"service.istio.io/canonical-name":"foo","service.istio.io/canonical-revision":"latest"}'
    POD_NAMESPACE: bar
    PROXY_CONFIG_ANNOT_VALUE: bar
    SERVICE_ACCOUNT: vm-serviceaccount
    TRUST_DOMAIN: ""
  readinessProbe:
    httpGet:

- BucketCORS (CORS enabled by default on all buckets for all HTTP verbs, you can optionally restrict the CORS domains)
- BucketWebsite (Use [`caddy`](https://github.com/caddyserver/caddy) or [`nginx`](https://www.nginx.com/resources/wiki/))

ISTIO_META_WORKLOAD_NAME='foo'
ISTIO_NAMESPACE='bar'
ISTIO_SERVICE='foo.bar'
ISTIO_SERVICE_CIDR='*'
ISTIO_SVC_IP='10.10.10.10'
POD_NAMESPACE='bar'
PROXY_CONFIG_ANNOT_VALUE='bar'
SERVICE_ACCOUNT='vm-serviceaccount'

# Security - First Steps

Let's imagine that you have your **backend** API in some domain.

And you have a **frontend** in another domain or in a different path of the same domain (or in a mobile application).

And you want to have a way for the frontend to authenticate with the backend, using a **username** and **password**.

We can use **OAuth2** to build that with **FastAPI**.

 *     .build();
 * ```
 *
 * ## Domain Patterns
 *
 * Pinning is per-hostname and/or per-wildcard pattern. To pin both `publicobject.com` and
 * `www.publicobject.com` you must configure both hostnames. Or you may use patterns to match
 * sets of related domain names. The following forms are permitted:
 *
 *  * **Full domain name**: you may pin an exact domain name like `www.publicobject.com`. It won't

  ) {
    fun writeOut(sink: BufferedSink) {
      with(sink) {
        writeInt(totalRuleBytes)
        for (domain in sortedRules) {
          write(domain).writeByte(NEWLINE)
        }
        writeInt(totalExceptionRuleBytes)
        for (domain in sortedExceptionRules) {
          write(domain).writeByte(NEWLINE)
        }
      }
    }
  }

      "x01234567890123456789012345678901234567890123456789012345678901x",
      "x01234567890123456789012345678901234567890123456789012345678901†",
      // OkHttp rejects domain names longer than 253 code points, the web platform tests don't.