///

## About "Form Fields" { #about-form-fields }

The way HTML forms (`<form></form>`) sends the data to the server normally uses a "special" encoding for that data, it's different from JSON.

**FastAPI** will make sure to read that data from the right place instead of JSON.

/// note | Technical Details

func healBucket(bucket string, scan madmin.HealScanMode) error {
	// Get background heal sequence to send elements to heal
	bgSeq, ok := globalBackgroundHealState.getHealSequenceByToken(bgHealingUUID)
	if ok {
		return bgSeq.queueHealTask(healSource{bucket: bucket}, madmin.HealItemBucket)
	}
	return nil
}

// healObject sends the given object/version to the background healing workers

      if (errorCode != null) {
        throw errorException ?: StreamResetException(errorCode!!)
      }
      return null
    }
  }

  /**
   * Sends a reply to an incoming stream.
   *
   * @param outFinished true to eagerly finish the output stream to send data to the remote peer.
   *     Corresponds to `FLAG_FIN`.
   * @param flushHeaders true to force flush the response headers. This should be true unless the

	// Listen Publisher and peer-listen-client uses nonblocking send and hence does not wait for slow receivers.
	// Use buffered channel to take care of burst sends or slow w.Write()
	mergeCh := make(chan []byte, globalAPIConfig.getRequestsPoolCapacity()*len(globalEndpoints.Hostnames()))
	localCh := make(chan event.Event, globalAPIConfig.getRequestsPoolCapacity())

	// Convert local messages to JSON and send to mergeCh
	go func() {

        lenient().when(fh.isValid()).thenReturn(true);
        lenient().when(fh.getTree()).thenReturn(tree);

        // Mock both sends and return response
        when(tree.send(any(TransWaitNamedPipe.class), any(TransWaitNamedPipeResponse.class))).thenAnswer(inv -> inv.getArgument(1));
        when(tree.send(any(TransCallNamedPipe.class), any(TransCallNamedPipeResponse.class))).thenAnswer(inv -> inv.getArgument(1));

That tells the browser to show the integrated prompt for a username and password.

Then, when you type that username and password, the browser sends them in the header automatically.

## Simple HTTP Basic Auth { #simple-http-basic-auth }

* Import `HTTPBasic` and `HTTPBasicCredentials`.
* Create a "`security` scheme" using `HTTPBasic`.

So, let's review it from that simplified point of view:

* The user types the `username` and `password` in the frontend, and hits `Enter`.
* The frontend (running in the user's browser) sends that `username` and `password` to a specific URL in our API (declared with `tokenUrl="token"`).
* The API checks that `username` and `password`, and responds with a "token" (we haven't implemented any of this yet).

```

## Example

MinIO exposes a custom S3 STS API endpoint as `Action=AssumeRoleWithCertificate`. A client has to send an HTTP `POST` request to `https://<host>:<port>?Action=AssumeRoleWithCertificate&Version=2011-06-15`. Since the authentication and authorization happens via X.509 certificates the client has to send the request over **TLS** and has to provide
a client certificate.

Then, the browser will send an HTTP `OPTIONS` request to the `:80`-backend, and if the backend sends the appropriate headers authorizing the communication from this different origin (`http://localhost:8080`) then the `:8080`-browser will let the JavaScript in the frontend send its request to the `:80`-backend.

To achieve this, the `:80`-backend must have a list of "allowed origins".

  override fun send(text: String): Boolean = send(text.encodeUtf8(), OPCODE_TEXT)

  override fun send(bytes: ByteString): Boolean = send(bytes, OPCODE_BINARY)

  @Synchronized private fun send(
    data: ByteString,
    formatOpcode: Int,
  ): Boolean {
    // Don't send new frames after we've failed or enqueued a close frame.