* is sent unencrypted to the proxy server, so tunnels include only the minimum set of headers.
   * This avoids sending potentially sensitive data like HTTP cookies to the proxy unencrypted.
   *
   * In order to support preemptive authentication we pass a fake "Auth Failed" response to the

		// printEntries(exp)
		// printEntries(got)
		for i, e := range exp {
			if !e.Timestamp.Equal(got[i].Timestamp) {
				return i, false
			}
			// Skip checking elapsed since it's time sensitive.
			// if e.Elapsed != got[i].Elapsed {
			// 	return false
			// }
			if e.Resource != got[i].Resource {
				return i, false
			}
			if e.Type != got[i].Type {
				return i, false
			}

    doesNotContain("agent.host.type", "shared")
}

/**
 * This is an undocumented location that forbids anonymous access.
 * We put artifacts here to avoid accidentally exposing sensitive information publicly.
 */
const val HIDDEN_ARTIFACT_DESTINATION = ".teamcity/gradle-logs"

fun BuildType.addEc2PostBuild(os: Os = Os.LINUX) {
    if (os !in listOf(Os.WINDOWS, Os.MACOS)) {
        steps {

Most of these settings are variable (can change), like database URLs. And many could be sensitive, like secrets.

For this reason it's common to provide them in environment variables that are read by the application.

/// tip

* the JSON Schema standard
* the JSON schema
* the schema definition
* Password Flow
* Mobile

* deprecated
* designed
* invalid
* on the fly
* standard
* default
* case-sensitive
* case-insensitive

* to serve the application
* to serve the page

* the app
* the application

* the request
* the response
* the error response

* the path operation

func EnableJSON() {
	color.TurnOff() // no colored outputs necessary in JSON mode.
	jsonFlag = true
	quietFlag = true
}

// EnableAnonymous - turns anonymous flag
// to avoid printing sensitive information.
func EnableAnonymous() {
	anonFlag = true
}

// IsJSON - returns true if jsonFlag is true
func IsJSON() bool {
	return jsonFlag
}

// IsQuiet - returns true if quietFlag is true

		},
		config.HelpKV{
			Key:         AuthToken,
			Description: "authorization token for plugin hook endpoint" + defaultHelpPostfix(AuthToken),
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
			Secret:      true,
		},
		config.HelpKV{
			Key:         RolePolicy,
			Description: "policies to apply for plugin authorized users" + defaultHelpPostfix(RolePolicy),
			Type:        "string",
		},

        dynamicTable[index] = entry
        headerCount++
        dynamicTableByteCount += delta
      }

      /**
       * This does not use "never indexed" semantics for sensitive headers.
       *
       * http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-12#section-6.2.3
       */
      @Throws(IOException::class)
      fun writeHeaders(headerBlock: List<Header>) {

	// We must not use the http.Header().Set method here because some (broken)
	// clients expect the ETag header key to be literally "ETag" - not "Etag" (case-sensitive).
	// Therefore, we have to set the ETag directly as map entry.
	if objInfo.ETag != "" && !del {
		w.Header()[xhttp.ETag] = []string{`"` + objInfo.ETag + `"`}
	}

//
// There are many different S3 client implementations. Most of them
// access the ETag by looking for the HTTP response header key "Etag".
// However, some of them assume that the header key has to be "ETag"
// (case-sensitive) and will fail otherwise.
// Further, some clients require that the ETag value is a double-quoted
// string. Therefore, this package provides dedicated functions for
// adding and extracting the ETag to/from HTTP headers.