}

  /**
   * This test creates a long random sequence of inputs, then a lot of differently configured sinks
   * process it; all should produce the same answer, the only difference should be the number of
   * process()/processRemaining() invocations, due to alignment.
   */
  @AndroidIncompatible // slow. TODO(cpovirk): Maybe just reduce iterations under Android.

    ...
```

Python 會必須先比較完整的 `stanleyjobso`（在 `stanleyjobsox` 與 `stanleyjobson` 之中都一樣），才會發現兩個字串不同。因此回覆「Incorrect username or password」會多花一些微秒。

#### 回應時間幫了攻擊者 { #the-time-to-answer-helps-the-attackers }

此時，透過觀察伺服器回覆「Incorrect username or password」多花了幾個微秒，攻擊者就知道他們有某些地方猜對了，前幾個字母是正確的。

接著他們會再嘗試，知道它更可能接近 `stanleyjobsox` 而不是 `johndoe`。

#### 「專業」的攻擊 { #a-professional-attack }

    @Mock
    private DcerpcHandle mockDcerpcHandle;

    // Mocking MsrpcLsarOpenPolicy2 and MsrpcLsarClose is tricky because they are created inside the constructor/method.
    // We need to use ArgumentCaptor or a custom Answer to control their behavior.
    // For now, let's assume we can mock their behavior through the sendrecv method of DcerpcHandle.

    @BeforeEach
    void setUp() {

#### Le temps de réponse aide les attaquants { #the-time-to-answer-helps-the-attackers }

            }

            if (intentResult.getIntent() == ChatIntent.UNCLEAR) {
                // Unclear intent - generate answer with empty documents to ask for clarification
                final LlmChatResponse llmResponse = llmClientManager.generateAnswer(userMessage, Collections.emptyList(), history);

////

## Quotes { #quotes }

//// tab | Test

Yesterday, my friend wrote: "If you spell incorrectly correctly, you have spelled it incorrectly". To which I answered: "Correct, but 'incorrectly' is incorrectly not '"incorrectly"'".

/// note

The LLM will probably translate this wrong. Interesting is only if it keeps the fixed translation when retranslating.

///

////

For any non-trivial change, we need to be able to answer these questions:

* Why is this change done? What's the use case?
* For user-facing features, what will the API look like?
* What test cases should it have? What could go wrong?
* How will it roughly be implemented? We'll happily provide code pointers to save you time.

        batches.add(new String[] { "c" }); // second batch
        batches.add(new String[] {}); // last -> NO_MORE_FILES

        // send() answer that mutates the provided response
        when(tree.send(any(Trans2FindFirst2.class), any(Trans2FindFirst2Response.class))).thenAnswer((InvocationOnMock inv) -> {
            Trans2FindFirst2Response resp = inv.getArgument(1);

    ...
```

Python은 두 문자열이 같지 않다는 것을 알아차리기 전까지 `stanleyjobsox`와 `stanleyjobson` 양쪽의 `stanleyjobso` 전체를 비교해야 합니다. 그래서 "Incorrect username or password"라고 응답하기까지 추가로 몇 마이크로초가 더 걸릴 것입니다.

#### 응답 시간은 공격자에게 도움이 됩니다 { #the-time-to-answer-helps-the-attackers }

이 시점에서 서버가 "Incorrect username or password" 응답을 보내는 데 몇 마이크로초 더 걸렸다는 것을 알아채면, 공격자들은 _무언가_ 맞았다는 것(초기 몇 글자가 맞았다는 것)을 알게 됩니다.

그리고 `johndoe`보다는 `stanleyjobsox`에 더 가까운 값을 시도해야 한다는 것을 알고 다시 시도할 수 있습니다.

////

## 引號 { #quotes }

//// tab | 測試

Yesterday, my friend wrote: "If you spell incorrectly correctly, you have spelled it incorrectly". To which I answered: "Correct, but 'incorrectly' is incorrectly not '"incorrectly"'".

/// note | 注意

LLM 很可能會把這段翻譯錯。重點只在於重新翻譯時是否能保留已修正的翻譯。

///

////

//// tab | 資訊

提示設計者可以選擇是否將中性引號轉換為排印引號。保留原樣也可以。