response = client.get("/items?token=jessica", headers={"X-Token": "invalid"})
    assert response.status_code == 400
    assert response.json() == {"detail": "X-Token header invalid"}


def test_items_bar_with_invalid_token(client: TestClient):
    response = client.get("/items/bar?token=jessica", headers={"X-Token": "invalid"})
    assert response.status_code == 400

func (r *Reader) AddChecksumNoTrailer(headers http.Header, ignoreValue bool) error {
	cs, err := GetContentChecksum(headers)
	if err != nil {
		return ErrInvalidChecksum
	}
	if cs == nil {
		return nil
	}
	r.contentHash = *cs
	return r.AddNonTrailingChecksum(cs, ignoreValue)
}

// AddNonTrailingChecksum will add a checksum to the reader.
// The checksum cannot be trailing.

// IsObjectLockGovernanceBypassSet returns true if object lock governance bypass header is set.
func IsObjectLockGovernanceBypassSet(h http.Header) bool {
	return strings.EqualFold(h.Get(AmzObjectLockBypassRetGovernance), "true")
}

// IsObjectLockRequested returns true if legal hold or object lock retention headers are requested.
func IsObjectLockRequested(h http.Header) bool {

 */
class Http2Reader(
  /** Creates a frame reader with max header table size of 4096. */
  private val source: BufferedSource,
  private val client: Boolean,
) : Closeable {
  private val continuation: ContinuationSource = ContinuationSource(this.source)
  private val hpackReader: Hpack.Reader =
    Hpack.Reader(
      source = continuation,
      headerTableSizeSetting = 4096,
    )

	// already present we can blindly use the
	// authToken as is instead of adding 'Bearer'
	tokens := strings.Fields(target.args.AuthToken)
	switch len(tokens) {
	case 2:
		req.Header.Set("Authorization", target.args.AuthToken)
	case 1:
		req.Header.Set("Authorization", "Bearer "+target.args.AuthToken)
	}

	req.Header.Set("Content-Type", "application/json")

	return target.httpClient.Do(req)
}

		dialer.Timeout = defaultDialTimeout
		if dial != nil {
			dialer.NetDial = dial
		}
		header := make(http.Header, 2)
		header.Set("Authorization", "Bearer "+auth())
		header.Set("X-Minio-Time", strconv.FormatInt(time.Now().UnixNano(), 10))

		if len(header) > 0 {
			dialer.Header = ws.HandshakeHeaderHTTP(header)
		}
		dialer.TLSConfig = tls

		conn, br, _, err := dialer.Dial(ctx, toDial)
		if br != nil {

                                <%-- Card Header --%>
                            <div class="card-header">
                                <jsp:include page="/WEB-INF/view/common/admin/crud/header.jsp"></jsp:include>
                            </div>
                                <%-- Card Body --%>

def test_header_repr_str():
    assert repr(Header("teststr")) == "Header(teststr)"


def test_header_repr_none():
    assert repr(Header(None)) == "Header(None)"


def test_header_repr_ellipsis():
    assert repr(Header(...)) == IsOneOf(
        "Header(PydanticUndefined)",
        # TODO: remove when deprecating Pydantic v1
        "Header(Ellipsis)",
    )


def test_header_repr_number():

    get() {
      val result = mutableListOf<Header>()
      for (inputHeader in headers) {
        val (key, value) = inputHeader.entries.iterator().next()
        result.add(Header(key, value))
      }
      return result
    }

  public override fun clone() = Case(seqno, this.wire, headers)

Symmetrically, interceptors can rewrite response headers and transform the response body. This is generally more dangerous than rewriting request headers because it may violate the webserver's expectations!

If you're in a tricky situation and prepared to deal with the consequences, rewriting response headers is a powerful way to work around problems. For example, you can fix a server's misconfigured `Cache-Control` response header to enable better response caching: