Заголовки прокси:

* [X-Forwarded-For](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-For)
* [X-Forwarded-Proto](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto)
* [X-Forwarded-Host](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Host)

///

            checkPostMethod(requestBody, getItemEndpointSuffix());
        }
        refresh();

        // Download CSV
        Response response =
                given().contentType("application/json").header("Authorization", getTestToken()).when().get(getApiPath() + "/download");

        assertEquals(200, response.getStatusCode());
        String body = response.getBody().asString();

            checkPostMethod(requestBody, getItemEndpointSuffix());
        }
        refresh();

        // Download CSV
        Response response =
                given().contentType("application/json").header("Authorization", getTestToken()).when().get(getApiPath() + "/download");

        assertEquals(200, response.getStatusCode());
        String body = response.getBody().asString();

     * Each tag configuration follows the pattern: tagname[attr=value].classname#id
     *
     * Examples:
     * - "div.content" matches div elements with class "content"
     * - "span#header" matches span elements with ID "header"
     * - "p[data-type=ad]" matches p elements with data-type attribute equal to "ad"
     *
     * @param value the comma-separated string of pruned tag configurations

<link href="${fe:url('/css/font-awesome.min.css')}" rel="stylesheet"
	type="text/css" />
</head>
<body>
	<la:form action="/search" method="get" styleId="searchForm">
		${fe:facetForm()}${fe:geoForm()}
		<header>
			<nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark">
				<div id="content" class="container">
					<div class="navbar-brand"></div>

        f"docs_src.authentication_error_status_code.{request.param}"
    )

    client = TestClient(mod.app)
    return client


def test_get_me(client: TestClient):
    response = client.get("/me", headers={"Authorization": "Bearer secrettoken"})
    assert response.status_code == 200
    assert response.json() == {
        "message": "You are authenticated",
        "token": "secrettoken",
    }

///

/// info | Info

In diesem Beispiel verwenden wir zwei erfundene benutzerdefinierte Header `X-Key` und `X-Token`.

Aber in realen Fällen würden Sie bei der Implementierung von Sicherheit mehr Vorteile durch die Verwendung der integrierten [Sicherheits-Werkzeuge (siehe nächstes Kapitel)](../security/index.md) erzielen.

프록시 헤더는 다음과 같습니다:

* [X-Forwarded-For](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-For)
* [X-Forwarded-Proto](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto)
* [X-Forwarded-Host](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Host)

///

그럼에도 불구하고 **애플리케이션 서버**는 자신이 신뢰할 수 있는 **프록시** 뒤에 있다는 것을 모르므로, 기본적으로는 그 헤더들을 신뢰하지 않습니다.

# Header

{* ../../docs_src/dependencies/tutorial013_an_py310.py ln[19:21] *}

Some text

{* ../../docs_src/bigger_applications/app_an_py310/internal/admin.py hl[3] title["app/internal/admin.py"] *}

Some more text

...

    @Test
    public void testDecodePartialData() {
        // Create a buffer with only standard lease data (no directory-specific data)
        byte[] buffer = new byte[56]; // Header + name + padding + standard lease data only

        // Write minimal header
        SMBUtil.writeInt4(0, buffer, 0); // Next
        SMBUtil.writeInt2(16, buffer, 4); // NameOffset
        SMBUtil.writeInt2(4, buffer, 6); // NameLength