role-to-assume: arn:aws:iam::992382829881:role/GHASecrets_gradle_all
          aws-region: "eu-central-1"
      - name: get secrets
        uses: aws-actions/aws-secretsmanager-get-secrets@v2
        with:
          secret-ids: |
            PERFORMANCE_DB_URL, gha/gradle/_all/PERFORMANCE_DB_URL
            PERFORMANCE_DB_USERNAME, gha/gradle/_all/PERFORMANCE_DB_USERNAME

        </ul>
    </div>
    <div id="content"></div>
    <div id="form">
        <form method="post" action="form.html">
            <input type="text" name="query" value="aaa">
            <input type="hidden" name="secret" value="xxx">
            <input type="submit" name="Submit">
        </form>
    </div>
	<a href="#" onclick="addFooter('XXX')">Footer</a>
	<div id="footer">
	</div>
</body>

                case FessConfig.APP_CIPHER_KEY:
                    return "___change__me___";
                case FessConfig.APP_ENCRYPT_PROPERTY_PATTERN:
                    return ".*password|.*key|.*token|.*secret";
                case FessConfig.APP_EXTENSION_NAMES:
                    return "jpg,jpeg,gif,png";

                case FessConfig.JOB_MAX_CRAWLER_PROCESSES:
                    return "3";

	exit 1
fi

s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket bucket2
s3-check-md5 -versions -access-key minioadmin -secret-key minioadmin -endpoint http://127.0.0.1:9001/ -bucket versioned

	}

	appParams := cmd.OpenIDClientAppParams{
		ClientID:     "minio-client-app",
		ClientSecret: "minio-client-app-secret",
		ProviderURL:  "http://127.0.0.1:5556/dex",
		RedirectURL:  "http://127.0.0.1:10000/oauth_callback",
	}

	oidcToken, err := cmd.MockOpenIDTestUserInteraction(ctx, appParams, "******@****.***", "dillon")

👆 🔜 👀 👩‍💻 🔢 💖:

<img src="/img/tutorial/security/image07.png">

✔ 🈸 🎏 🌌 ⏭.

⚙️ 🎓:

🆔: `johndoe`
🔐: `secret`

/// check

👀 👈 🕳 📟 🔢 🔐 "`secret`", 👥 🕴 ✔️ #️⃣ ⏬.

///

<img src="/img/tutorial/security/image08.png">

🤙 🔗 `/users/me/`, 👆 🔜 🤚 📨:

```JSON
{
  "username": "johndoe",

   * that it can be done securely, without vulnerability to race conditions (i.e. when the file
   * system does not support {@link SecureDirectoryStream}).
   *
   * <p><b>Warning:</b> On a file system that supports symbolic links, it is possible for an
   * insecure recursive delete to delete files and directories that are <i>outside</i> the directory

* O **modelo de saída** não deve ter uma senha.
* O **modelo de banco de dados** provavelmente precisaria ter uma senha criptografada.

/// danger

Nunca armazene senhas em texto simples dos usuários. Sempre armazene uma "hash segura" que você pode verificar depois.

Se não souber, você aprenderá o que é uma "senha hash" nos [capítulos de segurança](security/simple-oauth2.md#password-hashing){.internal-link target=_blank}.

///

У Pydantic-моделей есть метод `.dict()`, который возвращает `dict` с данными модели.

Поэтому, если мы создадим Pydantic-объект `user_in` таким способом:

```Python
user_in = UserIn(username="john", password="secret", email="******@****.***")
```

и затем вызовем:

```Python
user_dict = user_in.dict()
```

     * gaps. For example, an insecure TLS connection is capable of negotiating HTTP/2 with ALPN and
     * it also has a regular-looking handshake.
     *
     * **This feature is not supported on Android API levels less than 24.** Prior releases lacked
     * a mechanism to trust some hosts and not others.
     *
     * @param hostname the exact hostname from the URL for insecure connections.
     */