import okhttp3.internal.UTC

/** The last four-digit year: "Fri, 31 Dec 9999 23:59:59 GMT". */
internal const val MAX_DATE = 253402300799999L

/**
 * Most websites serve cookies in the blessed format. Eagerly create the parser to ensure such
 * cookies are on the fast path.
 */
private val STANDARD_DATE_FORMAT =
  object : ThreadLocal<DateFormat>() {
    override fun initialValue(): DateFormat {

                final Cookie[] cookies = request.getCookies();
                if (cookies != null) {
                    for (final Cookie cookie : cookies) {
                        if ("fsid".equals(cookie.getName()) && "12345abcde12345ABCDE".equals(cookie.getValue())) {
                            return cookie.getValue();
                        }
                    }

   * {@code co.uk}, {@code google.invalid}, or {@code blogspot.com}.
   *
   * <p>This method can be used to determine whether it will probably be possible to set cookies on
   * the domain, though even that depends on individual browsers' implementations of cookie
   * controls. See <a href="http://www.ietf.org/rfc/rfc2109.txt">RFC 2109</a> for details.
   *
   * @since 6.0
   */
  public boolean isUnderPublicSuffix() {

    options:
        members:
            - scope
            - app
            - url
            - base_url
            - headers
            - query_params
            - path_params
            - cookies
            - client
            - state
            - url_for
            - client_state
            - application_state
            - receive
            - send
            - accept

  /**
   * Configure the ApplicationContext. Not needed unless the AndroidX Startup [Initializer] is disabled, or running
   * a robolectric test.
   *
   * The functionality that will fail without a valid Context is primarily Cookies and URL Domain handling, but
   * may expand in the future.
   */
  fun initialize(applicationContext: Context) {
    if (PlatformRegistry.applicationContext == null) {

* Clés d'API dans:
    * Le header.
    * Les paramètres de requêtes.
    * Les cookies, etc.

Plus toutes les fonctionnalités de sécurités venant de Starlette (incluant les **cookies de sessions**).

Le tout conçu en composant réutilisable facilement intégrable à vos systèmes, data stores, base de données relationnelle ou NoSQL, etc.

## Wildcards { #wildcards }

It's also possible to declare the list as `"*"` (a "wildcard") to say that all are allowed.

But that will only allow certain types of communication, excluding everything that involves credentials: Cookies, Authorization headers like those used with Bearer Tokens, etc.

So, for everything to work correctly, it's better to specify explicitly the allowed origins.

## Use `CORSMiddleware` { #use-corsmiddleware }

Ви можете використовувати налаштування моделі Pydantic, щоб `заборонити` будь-які `додаткові` поля:

{* ../../docs_src/cookie_param_models/tutorial002_an_py39.py hl[10] *}

Якщо клієнт спробує надіслати якісь **додаткові cookie**, він отримає відповідь з **помилкою**.

* Se você precisar enviar *Dados de Formulário* em vez de JSON, use o parâmetro `data`.
* Para passar *headers*, use um `dict` no parâmetro `headers`.
* Para *cookies*, um `dict` no parâmetro `cookies`.

Para mais informações sobre como passar dados para o backend (usando `httpx` ou `TestClient`), consulte a <a href="https://www.python-httpx.org" class="external-link" target="_blank">documentação do HTTPX</a>.

# `Response` class

You can declare a parameter in a *path operation function* or dependency to be of type `Response` and then you can set data for the response like headers or cookies.

You can also use it directly to create an instance of it and return it from your *path operations*.

You can import it directly from `fastapi`:

```python
from fastapi import Response
```