}

    public boolean isActive() {
        return active;
    }

    public void enable() {
        active = true;

        // TODO if it was null, we really need to go find them now... or is this taken care of by the ordering?
        if (children != null) {
            for (ResolutionNode node : children) {
                node.enable();
            }
        }
    }

    public void disable() {

    // We are going to take the project packaging and find all plugin in the default lifecycle and create
    // fully populated Plugin objects, including executions with goals and default configuration taken
    // from the plugin.xml inside a plugin.
    //
    // TODO This whole method could probably removed by injecting lifeCyclePluginAnalyzer straight into client site.

    @Throws(IOException::class)
    fun parse(responseHeaders: Headers): WebSocketExtensions {
      // Note that this code does case-insensitive comparisons, even though the spec doesn't specify
      // whether extension tokens and parameters are case-insensitive or not.

      var compressionEnabled = false
      var clientMaxWindowBits: Int? = null
      var clientNoContextTakeover = false
      var serverMaxWindowBits: Int? = null

Pero eso solo permitirá ciertos tipos de comunicación, excluyendo todo lo que implique credenciales: Cookies, headers de autorización como los utilizados con Bearer Tokens, etc.

Así que, para que todo funcione correctamente, es mejor especificar explícitamente los orígenes permitidos.

## Usa `CORSMiddleware` { #use-corsmiddleware }

    }

    /**
     * Gets the file identifier.
     *
     * @return the fid
     */
    public final int getFid() {
        return this.fid;
    }

    /**
     * Gets the create action taken.
     *
     * @return the createAction
     */
    public final int getCreateAction() {
        return this.createAction;
    }

    /**
     * Gets the extended file attributes.
     *

Mas isso só permitirá certos tipos de comunicação, excluindo tudo que envolva credenciais: cookies, cabeçalhos de autorização como aqueles usados ​​com Bearer Tokens, etc.

Então, para que tudo funcione corretamente, é melhor especificar explicitamente as origens permitidas.

## Usar `CORSMiddleware` { #use-corsmiddleware }

    * <a href="https://fastapi.tiangolo.com/features/" class="external-link" target="_blank">**Et bien d'autres fonctionnalités**</a> comme la validation automatique, la sérialisation, l'authentification avec OAuth2 JWT tokens, etc.
* Hashage de **mots de passe sécurisé** par défaut.
* Authentification par **jetons JWT**.
* Modèles **SQLAlchemy** (indépendants des extensions Flask, afin qu'ils puissent être utilisés directement avec des *workers* Celery).

Example:

```sh
minio server /data{1...4}
```

But doing that, in some minutes or hours the attackers would have guessed the correct username and password, with the "help" of our application, just using the time taken to answer.

#### Fix it with `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

But in our code we are actually using `secrets.compare_digest()`.

          public void run() {
            task.interruptTask();
          }
        };
    interrupter.start();
    // this will happen once the interrupt has been set which means that
    // 1. the runner has been woken up
    // 2. the interrupter is stuck in the call the Thread.interrupt()

    // after some period of time the runner thread should become blocked on the task because it is