* `ID <= lastGoodStreamId` can only be replayed on a new connection if they are idempotent.
     *
     * @param lastGoodStreamId the last stream ID the peer processed before sending this message. If
     *     [lastGoodStreamId] is zero, the peer processed no frames.
     * @param errorCode reason for closing the connection.
     * @param debugData only valid for HTTP/2; opaque debug data to send.

 * <ul>
 * <li>Retrieves crawled documents from the data service</li>
 * <li>Transforms document data using appropriate transformers</li>
 * <li>Applies document boosting rules and click/favorite count enhancements</li>
 * <li>Sends processed documents to the search engine for indexing</li>
 * <li>Manages cleanup of processed crawler session data</li>
 * </ul>
 *
 * <p>The updater runs continuously until crawling is finished and all documents are processed.

### Server-Side Encryption with client-provided Keys

SSE-C allows an S3 client to en/decrypt an object at the MinIO server. Therefore the S3 client sends a secret key as part of the HTTP request. This secret key is **never** stored by the MinIO server and only resides in RAM during the en/decryption process.

            }
            if (SpnegoHttpFilter.Constants.ALLOW_UNSEC_BASIC.equals(name)) {
                // SECURITY WARNING: Unsecure basic authentication is enabled by default.
                // This sends credentials in Base64 encoding over potentially unencrypted connections.
                // For production, it is STRONGLY RECOMMENDED to set spnego.allow.unsecure.basic to false

        when(fh.acquire()).thenReturn(fh);
        lenient().when(fh.isValid()).thenReturn(true);
        lenient().when(fh.getTree()).thenReturn(tree);

        // Mock both sends and return response
        when(tree.send(any(TransWaitNamedPipe.class), any(TransWaitNamedPipeResponse.class))).thenAnswer(inv -> inv.getArgument(1));

		}
	}
}

// minioResourceCollector is the Collector for resource metrics
type minioResourceCollector struct {
	metricsGroups []*MetricsGroupV2
	desc          *prometheus.Desc
}

// Describe sends the super-set of all possible descriptors of metrics
func (c *minioResourceCollector) Describe(ch chan<- *prometheus.Desc) {
	ch <- c.desc
}

// Collect is called by the Prometheus registry when collecting metrics.

For applications still sending queries to GSA endpoints, Fess provides a configuration option:

**Enable GSA API**

Add to `system.properties`:
```properties
web.api.gsa=true
```

These proxies could handle HTTPS certificates and other things.

## Proxy Forwarded Headers { #proxy-forwarded-headers }

A **proxy** in front of your application would normally set some headers on the fly before sending the requests to your **server** to let the server know that the request was **forwarded** by the proxy, letting it know the original (public) URL, including the domain, that it is using HTTPS, etc.

			return true
		case segmentEnd-segmentStart == 1 && path[segmentStart] == '.':
			return true
		}
		i++
	}
	return false
}

// Check if client is sending a malicious request.
func hasMultipleAuth(r *http.Request) bool {
	authTypeCount := 0
	for _, hasValidAuth := range []func(*http.Request) bool{
		isRequestSignatureV2, isRequestPresignedSignatureV2,

        SmbFile file = (SmbFile) getField(raf, "file");
        when(file.length()).thenReturn(42L);
        assertEquals(42L, raf.length());
    }

    @Test
    @DisplayName("setLength(): SMB2 path sends Smb2SetInfoRequest")
    void setLength_smb2_sendsSetInfo() throws Exception {
        SmbRandomAccessFile raf = newInstance("rw", true, false, false);
        SmbFileHandleImpl fh = (SmbFileHandleImpl) getField(raf, "handle");