return
	}

	// Ensure body content type is opaque to ensure that request body has not
	// been interpreted as form data.
	contentType := r.Header.Get("Content-Type")
	if contentType != "application/octet-stream" {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrBadRequest), r.URL)
		return
	}

	password := cred.SecretKey

	defer cancel()

	req, err := http.NewRequestWithContext(ctx, http.MethodGet, serverURL.String(), nil)
	if err != nil {
		return err
	}
	// Indicate that the liveness check for a peer call
	req.Header.Set(xhttp.MinIOPeerCall, "true")

	resp, err := httpClient.Do(req)
	if err != nil {
		return err
	}
	xhttp.DrainBody(resp.Body)

	return nil
}

In this case the middleware will intercept the incoming request and respond with appropriate CORS headers, and either a `200` or `400` response for informational purposes.

### Simple requests { #simple-requests }

Any request with an `Origin` header. In this case the middleware will pass the request through as normal, but will include appropriate CORS headers on the response.

     */
    private byte[] createValidSecurityDescriptorBuffer(int size) {
        ByteBuffer buffer = ByteBuffer.allocate(size);
        buffer.order(ByteOrder.LITTLE_ENDIAN);

        // Security descriptor header
        buffer.put((byte) 0x01); // Revision
        buffer.put((byte) 0x00); // Padding
        buffer.putShort((short) 0x8004); // Control flags (SE_DACL_PRESENT | SE_SELF_RELATIVE)

    /** The path of the HTML: /footer.jsp */
    HtmlNext path_FooterJsp = new HtmlNext("/footer.jsp");

    /** The path of the HTML: /header.jsp */
    HtmlNext path_HeaderJsp = new HtmlNext("/header.jsp");

    /** The path of the HTML: /help.jsp */
    HtmlNext path_HelpJsp = new HtmlNext("/help.jsp");

    /** The path of the HTML: /index.jsp */

                logger.debug("Failed to retrieval a cache.", e);
            }
            return new XPathAPI();
        }
    }

    /**
     * Returns the header for the result data.
     * @return The result data header.
     */
    protected String getResultDataHeader() {
        // TODO support other type
        return "<?xml version=\"1.0\"?>\n<doc>\n";
    }

    /**

        // logger.debug(response.asString());
        return response;
    }

    protected Response checkDeleteMethod(final String path) {
        return given().contentType("application/json").header("Authorization", getTestToken()).delete(getApiPath() + "/" + path);
    }

    protected List<Map<String, Object>> getItemList(final Map<String, Object> body) {

        }
        byte[] nameBytes = "bob".getBytes(StandardCharsets.US_ASCII);

        return Stream.of(
                // Too short for TOK_ID + MECH_OID_LEN
                Arguments.of("too short header", new byte[] { 0x04, 0x01, 0x00 }, IllegalArgumentException.class),

                // Wrong TOK_ID
                Arguments.of("wrong TOK_ID", new byte[] { 0x00, 0x02, 0x00, 0x01 }, IllegalArgumentException.class),

			}
		}
	}
}

var replicationStateTest = []struct {
	name      string
	rs        ReplicationState
	arn       string
	expStatus replication.StatusType
}{
	{ // 1. no replication status header
		name:      "no replicated targets",
		rs:        ReplicationState{},
		expStatus: replication.StatusType(""),
	},
	{ // 2. replication status for one target
		name:      "replication status for one target",

		return
	}

	tiers := globalTierConfigMgr.ListTiers()
	data, err := json.Marshal(tiers)
	if err != nil {
		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
		return
	}

	w.Header().Set(tierCfgRefreshAtHdr, globalTierConfigMgr.refreshedAt().String())
	writeSuccessResponseJSON(w, data)
}

func (api adminAPIHandlers) EditTierHandler(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()