// SetAuditEntry sets Audit info in the context.
func SetAuditEntry(ctx context.Context, audit *audit.Entry) context.Context {
	if ctx == nil {
		LogIf(context.Background(), "audit", fmt.Errorf("context is nil"))
		return nil
	}
	return context.WithValue(ctx, contextAuditKey, audit)
}

// GetAuditEntry returns Audit entry if set.
func GetAuditEntry(ctx context.Context) *audit.Entry {
	if ctx != nil {

	ctx, cancel := context.WithTimeout(ctx, ds.Timeouts.Acquire)
	defer cancel()

	// Special context for NetLockers - do not use timeouts.
	// Also, pass the trace context info if found for debugging
	netLockCtx := context.Background()

	tc, ok := ctx.Value(mcontext.ContextTraceKey).(*mcontext.TraceCtxt)
	if ok {
		netLockCtx = context.WithValue(netLockCtx, mcontext.ContextTraceKey, tc)
	}

# Chequeo estricto de Content-Type { #strict-content-type-checking }

Por defecto, **FastAPI** usa un chequeo estricto del header `Content-Type` para request bodies JSON, esto significa que las requests JSON deben incluir un header `Content-Type` válido (p. ej. `application/json`) para que el request body se parse como JSON.

## Riesgo de CSRF { #csrf-risk }

# Строгая проверка HTTP-заголовка Content-Type { #strict-content-type-checking }

По умолчанию **FastAPI** использует строгую проверку HTTP-заголовка `Content-Type` для JSON-тел запросов. Это означает, что JSON-запросы должны включать корректный заголовок `Content-Type` (например, `application/json`), чтобы тело запроса было обработано как JSON.

## Риск CSRF { #csrf-risk }

        // Then
        NegotiateContextRequest[] contexts = request.getNegotiateContexts();
        assertNotNull(contexts);
        assertEquals(2, contexts.length);

        // Verify preauth context
        assertTrue(contexts[0] instanceof PreauthIntegrityNegotiateContext);
        assertEquals(PreauthIntegrityNegotiateContext.NEGO_CTX_PREAUTH_TYPE, contexts[0].getContextType());

        // Verify encryption context

    }

    /**
     * Set the create contexts for this request
     * @param contexts the create contexts to set
     */
    public void setCreateContexts(CreateContextRequest[] contexts) {
        this.createContexts = contexts;
    }

    /**
     * Add a create context to this request
     * @param context the create context to add
     */

		r.Body = reqRecorder

		// Create tracing data structure and associate it to the request context
		tc := mcontext.TraceCtxt{
			AmzReqID:         w.Header().Get(xhttp.AmzRequestID),
			RequestRecorder:  reqRecorder,
			ResponseRecorder: respRecorder,
		}

		r = r.WithContext(context.WithValue(r.Context(), mcontext.ContextTraceKey, &tc))

		reqStartTime := time.Now().UTC()
		h.ServeHTTP(respRecorder, r)

	if *flagCheck {
		// slow, not worth repeating in -check
		t.Skip("skipping with -check set")
	}
	testenv.MustHaveGoBuild(t)
	context := new(build.Context)
	*context = build.Default
	context.Dir = filepath.Join(testenv.GOROOT(t), "src")

	w := NewWalker(context, context.Dir)
	for _, pkg := range w.stdPackages {
		if strings.HasPrefix(pkg, "vendor/") || strings.HasPrefix(pkg, "golang.org/x/") {

            throw new CIFSException("Preauth integrity context is invalid for session: " + sessionId);
        }

        try {
            byte[] newHash = calculateHash(context.getCurrentHash(), messageData, context.getHashAlgorithm());
            context.updateHash(newHash);

            log.debug("Updated preauth hash for session {} with {} bytes of data", sessionId, messageData.length);

    CIFSContext withDefaultCredentials();

    /**
     * Create a child context with anonymous credentials
     *
     * @return a child context using anonymous credentials
     */
    CIFSContext withAnonymousCredentials();

    /**
     * Create a child context with guest credentials
     *
     * @return a child context using guest credentials
     */
    CIFSContext withGuestCrendentials();

    /**