# ========================================================================================
# Framework Default
# =================
# ----------------------------------------------------------
# Lasta Taglib
# ------------
errors.header = <ul class="has-error">
errors.footer = </ul>
errors.prefix = <li><i class="fa fa-exclamation-circle"></i>
errors.suffix = </li>
# ----------------------------------------------------------
# Javax Validator

  for (i in 0 until length) {
    val c = this[i]
    if (c <= '\u001f' || c >= '\u007f') {
      return i
    }
  }
  return -1
}

/** Returns true if we should void putting this this header in an exception or toString(). */
internal fun isSensitiveHeader(name: String): Boolean =
  name.equals("Authorization", ignoreCase = true) ||
    name.equals("Cookie", ignoreCase = true) ||

        // Manually build the expected NTLMv2 blob (same as production code)
        int avPairsLength = avPairs.length;
        byte[] blob = new byte[28 + avPairsLength + 4];
        Encdec.enc_uint32le(0x00000101, blob, 0); // Header
        Encdec.enc_uint32le(0x00000000, blob, 4); // Reserved
        Encdec.enc_uint64le(nanos1601, blob, 8);
        System.arraycopy(clientChallenge, 0, blob, 16, 8);

      encodings[codePoint] = encoding
    }
  }

  fun nonPrintableAscii(encoding: Encoding) =
    apply {
      encodings[ 0x0] = encoding // Null character
      encodings[ 0x1] = encoding // Start of Header
      encodings[ 0x2] = encoding // Start of Text
      encodings[ 0x3] = encoding // End of Text
      encodings[ 0x4] = encoding // End of Transmission
      encodings[ 0x5] = encoding // Enquiry

        // DACL at offset 20
        securityDescriptorBytes[16] = 20;
        securityDescriptorBytes[17] = 0;
        securityDescriptorBytes[18] = 0;
        securityDescriptorBytes[19] = 0;

        // DACL header at offset 20
        securityDescriptorBytes[20] = 2; // ACL revision
        securityDescriptorBytes[21] = 0; // sbz1
        securityDescriptorBytes[22] = 8; // ACL size (low byte)

	dirent := (*syscall.Dirent)(unsafe.Pointer(&buf[0]))
	if v := unsafe.Offsetof(dirent.Reclen) + unsafe.Sizeof(dirent.Reclen); uintptr(len(buf)) < v {
		return consumed, nil, typ, fmt.Errorf("buf size of %d smaller than dirent header size %d", len(buf), v)
	}
	if len(buf) < int(dirent.Reclen) {
		return consumed, nil, typ, fmt.Errorf("buf size %d < record length %d", len(buf), dirent.Reclen)
	}
	consumed = int(dirent.Reclen)

    val c = this[i]
    // The WHATWG Host parsing rules accepts some character codes which are invalid by
    // definition for OkHttp's host header checks (and the WHATWG Host syntax definition). Here
    // we rule out characters that would cause problems in host headers.
    if (c <= '\u001f' || c >= '\u007f') {
      return true
    }
    // Check for the characters mentioned in the WHATWG Host parsing spec:

api.search.accept.referers=
# Whether to enable scroll for API search.
api.search.scroll=false
# Headers for API JSON response.
api.json.response.headers=Referrer-Policy:strict-origin-when-cross-origin
# Whether to include exceptions in API JSON response.
api.json.response.exception.included=false
# Headers for API GSA response.
api.gsa.response.headers=Referrer-Policy:strict-origin-when-cross-origin
# Whether to include exceptions in API GSA response.

<img src="/img/tutorial/security/image10.png">

/// note

Notice the header `Authorization`, with a value that starts with `Bearer `.

///

## Advanced usage with `scopes` { #advanced-usage-with-scopes }

OAuth2 has the notion of "scopes".

    </magic>
  </mime-type>
  <mime-type type="application/x-axcrypt">
    <_comment>AxCrypt</_comment>
    <glob pattern="*.axx" />
    <magic priority="60">
      <!-- AxCrypt block header, skip length field, then Header of type Preamble -->
      <match value="0xc0b9072e4f93f146a015792ca1d9e821" type="string" offset="0">
         <match value="2" type="big32" offset="17" />
      </match>
    </magic>
  </mime-type>