type Type interface {
	fmt.Stringer

	IsRequested(http.Header) bool
	IsEncrypted(map[string]string) bool
}

// IsRequested returns true and the SSE Type if the HTTP headers
// indicate that some form server-side encryption is requested.
//
// If no SSE headers are present then IsRequested returns false
// and no Type.
func IsRequested(h http.Header) (Type, bool) {
	switch {
	case S3.IsRequested(h):
		return S3, true

	signedHeaders = append(signedHeaders, "x-amz-server-side-encryption")
	// expect to fail with `ErrUnsignedHeaders` because couldn't find some header
	_, errCode = extractSignedHeaders(signedHeaders, r)
	if errCode != ErrUnsignedHeaders {
		t.Fatalf("Expected the APIErrorCode to %d, but got %d", ErrUnsignedHeaders, errCode)
	}
	// set headers value through Get parameter
	inputQuery.Add("x-amz-server-side-encryption", xhttp.AmzEncryptionAES)

 * endpoint) or <i>closed</i> (includes the endpoint) on that side. With three possibilities on each
 * side, this yields nine basic types of ranges, enumerated below. (Notation: a square bracket
 * ({@code [ ]}) indicates that the range is closed on that side; a parenthesis ({@code ( )}) means
 * it is either open or unbounded. The construct {@code {x | statement}} is read "the set of all

        // mimetype
        defaultDataMap.put(fessConfig.getIndexFieldMimetype(), mimeType);
        // title
        // content
        // cache
        // digest
        // host
        // site
        // url
        // anchor
        // content_length
        // last_modified
        // id
        // virtual_host
        defaultDataMap.put(fessConfig.getIndexFieldVirtualHost(),

    // Test with various field names
    @Test
    public void test_convertFuzzyQuery_withVariousFields() {
        QueryContext context = new QueryContext("test", false);
        String[] fields = { "title", "content", "url", "site", "host", "mimetype" };

        for (String field : fields) {
            Term term = new Term(field, "fuzzy");
            FuzzyQuery fuzzyQuery = new FuzzyQuery(term);

                this.node[_i] = (byte) _src.dec_ndr_small();
            }
        }
    }

    /**
     * Policy handle structure for DCE/RPC operations.
     * Represents an opaque handle used to reference server-side resources.
     */
    public static class policy_handle extends NdrObject {

        /**
         * Default constructor for policy_handle.
         */
        public policy_handle() {

This, of course, is not optimal and you wouldn't use it for production.

In production you would have one of the options above.

But it's the simplest way to focus on the server-side of WebSockets and have a working example:

{* ../../docs_src/websockets_/tutorial001_py310.py hl[2,6:38,41:43] *}

## Create a `websocket` { #create-a-websocket }

In your **FastAPI** application, create a `websocket`:

// https://www.iana.org/domains/root/db/sina.html
sina

// singles : Binky Moon, LLC
// https://www.iana.org/domains/root/db/singles.html
singles

// site : Radix Technologies Inc.
// https://www.iana.org/domains/root/db/site.html
site

// ski : Identity Digital Limited
// https://www.iana.org/domains/root/db/ski.html
ski

// skin : XYZ.COM LLC

        // Query was processed successfully
    }

    @Test
    public void test_convertPrefixQuery_withNotAnalyzedField() throws Exception {
        setNotAnalyzedFields("url", "site");

        QueryContext context = new QueryContext("test", false);
        PrefixQuery prefixQuery = new PrefixQuery(new Term("url", "http"));

既定では、FastAPI は JSON リクエストボディに対して厳格な `Content-Type` ヘッダーのチェックを行います。つまり、JSON のリクエストを JSON として解析するには、有効な `Content-Type` ヘッダー（例: `application/json`）を必ず含める必要があります。

## CSRF のリスク { #csrf-risk }

この既定の挙動は、ある特定の状況における Cross-Site Request Forgery（CSRF）攻撃の一種に対する保護を提供します。

これらの攻撃は、次の条件を満たすときにブラウザが CORS のプリフライトチェックを行わずにスクリプトからリクエストを送信できる事実を悪用します。

- `Content-Type` ヘッダーがない（例: `Blob` をボディにして `fetch()` を使う）
- かつ、いかなる認証情報も送信しない

この種の攻撃は主に次のような場合に関係します。