}
	// We have checked if prefix matches, so we can do direct compare.
	return b.First > prefix
}

// endedPrefix returns true if the given prefix ends within the block.
func (b metacacheBlock) endedPrefix(prefix string) bool {
	if prefix == "" || strings.HasPrefix(b.Last, prefix) {
		return false
	}

	// We have checked if prefix matches, so we can do direct compare.
	return b.Last > prefix

            if (requestHeader.isValid()) {
                requestHeaderList.add(new BasicHeader(requestHeader.getName(), requestHeader.getValue()));
            }
        }

        // do not redirect
        requestConfigBuilder.setRedirectsEnabled(getInitParameter(REDIRECTS_ENABLED, redirectsEnabled, Boolean.class));

        // cookie
        if (cookieSpec != null) {

          || c > safeMaxChar
          || c < safeMinChar) {
        break;
      }
      index++;
    }
    return index;
  }

  /**
   * Escapes a code point that has no direct explicit value in the replacement array and lies
   * outside the stated safe range. Subclasses should override this method to provide generalized
   * escaping for code points if required.
   *

      interruptenator.shutdown();
      Thread.interrupted();
    }
  }

  /**
   * awaitFullGc() is not quite as reliable a way to ensure calling of a specific finalize method as
   * the more direct await* methods, but should be reliable enough in practice to avoid flakiness of
   * this test. (And if it isn't, we'd like to know about it first!)
   */
  public void testAwaitFullGc() {

            request.setAttribute(formKey, formBuf.toString());
        }
    }

    protected HtmlResponse redirectToLogin() {
        return systemHelper.getRedirectResponseToLogin(redirect(SsoAction.class));
    }

    protected HtmlResponse redirectToRoot() {
        return systemHelper.getRedirectResponseToRoot(newHtmlResponseAsRedirect("/"));
    }

That's what all the systems with "login with Facebook, Google, Twitter, GitHub" use underneath.

### OAuth 1

There was an OAuth 1, which is very different from OAuth2, and more complex, as it included direct specifications on how to encrypt the communication.

It is not very popular or used nowadays.

OAuth2 doesn't specify how to encrypt the communication, it expects you to have your application served with HTTPS.

/// tip

                                        Valid Options: ANY, ROUTE, REDIRECT, DIRECT_RESPONSE
                                      enum:
                                      - ANY
                                      - ROUTE
                                      - REDIRECT
                                      - DIRECT_RESPONSE
                                      type: string

	"$content-type":            true,
	"$content-disposition":     true,
	"$content-encoding":        true,
	"$expires":                 true,
	"$key":                     true,
	"$success_action_redirect": true,
	"$redirect":                true,
	"$success_action_status":   true,
	"$x-amz-algorithm":         false,
	"$x-amz-credential":        false,
	"$x-amz-date":              false,
}

var postPolicyIgnoreKeys = map[string]bool{

    /** The path of the HTML: /error/notFound.jsp */
    HtmlNext path_Error_NotFoundJsp = new HtmlNext("/error/notFound.jsp");

    /** The path of the HTML: /error/redirect.jsp */
    HtmlNext path_Error_RedirectJsp = new HtmlNext("/error/redirect.jsp");

    /** The path of the HTML: /error/system.jsp */
    HtmlNext path_Error_SystemJsp = new HtmlNext("/error/system.jsp");

    /** The path of the HTML: /footer.jsp */

        verifyToken(() -> asHtml(path_AdminGeneral_AdminGeneralJsp));

        updateConfig(fessConfig, form);
        saveInfo(messages -> messages.addSuccessUpdateCrawlerParams(GLOBAL));
        return redirect(getClass());
    }

    public static void updateConfig(final FessConfig fessConfig, final EditForm form) {
        fessConfig.setLoginRequired(isCheckboxEnabled(form.loginRequired));