.Builder()
        .url(server.url("/"))
        .build()
    val response = client.newCall(request).execute()
    assertThat("b").isEqualTo(response.body.string())
  }

  /** Make sure interceptors can interact with the OkHttp client.  */
  @Test
  fun interceptorMakesAnUnrelatedRequest() {
    server.enqueue(MockResponse.Builder().body("a").build()) // Fetched by interceptor.

      replaceWith = ReplaceWith(expression = "level"),
      level = DeprecationLevel.ERROR,
    )
    fun getLevel(): Level = level

    @Throws(IOException::class)
    override fun intercept(chain: Interceptor.Chain): Response {
      val level = this.level

      val request = chain.request()
      if (level == Level.NONE) {
        return chain.proceed(request)
      }

But this example is still valid and it shows how to interact with the internal components.

///

We can also use this same approach to access the request body in an exception handler.

All we need to do is handle the request inside a `try`/`except` block:

```

即使惡意網站與本機應用的主機不同，瀏覽器也不會觸發 CORS 預檢請求，因為：

- 它在未經任何身分驗證的情況下執行，不需要送出任何憑證。
- 由於缺少 `Content-Type` 標頭，瀏覽器認為它並未傳送 JSON。

接著，惡意網站就能讓本機的 AI 代理替使用者向前老闆發飆傳訊... 或做更糟的事。😅

## 公開的網際網路 { #open-internet }

如果你的應用部署在公開的網際網路上，你不會「信任網路」而允許任何人在未經身分驗證的情況下發送具權限的請求。

攻擊者可以直接執行腳本向你的 API 發送請求，無需透過瀏覽器互動，因此你多半已經對任何具權限的端點做了防護。

在這種情況下，這種攻擊／風險不適用於你。

此風險與攻擊主要與應用只在本機或內部網路上執行，且「僅依賴此為保護」的情境相關。

signs the other party's chain.

Well-Known Certificate Authorities
----------------------------------

In these examples we've prearranged which root certificates to trust. But for regular HTTPS on the
Internet this set of trusted root certificates is usually provided by default by the host platform.
Such a set typically includes many root certificates from well-known certificate authorities like
Entrust and Verisign.

- 인증 없이 동작하므로 자격 증명을 보낼 필요가 없습니다.
- 브라우저는 JSON을 보내지 않는다고 판단합니다(`Content-Type` 헤더가 없기 때문).

그러면 악성 웹사이트가 로컬 AI 에이전트로 하여금 사용자의 전 직장 상사에게 화난 메시지를 보내게 하거나... 더 나쁜 일을 시킬 수도 있습니다. 😅

## 공개 인터넷 { #open-internet }

여러분의 앱이 공개 인터넷에 있다면, '네트워크를 신뢰'하여 누구나 인증 없이 권한 있는 요청을 보내도록 두지는 않을 것입니다.

공격자는 브라우저 상호작용 없이도 스크립트를 실행해 여러분의 API로 요청을 보낼 수 있으므로, 아마 이미 권한이 필요한 엔드포인트는 보호하고 있을 것입니다.

그런 경우에는 이 공격/위험은 해당하지 않습니다.

     * (Android vs. Java), by platform release (Android 4.4 vs. Android 9), and with user
     * customizations.
     *
     * Most TLS clients that connect to hosts on the public Internet should call this method.
     * Otherwise it is necessary to manually prepare a comprehensive set of trusted roots.
     *
     * If the host platform is compromised or misconfigured this may contain untrustworthy root

         * the project already contains the plugin executions induced by the project's packaging type. Remember, all
         * phases of interest and only those are in the lifecycle mapping, if a phase has no value in the map, we are
         * not interested in any of the executions bound to it.
         */

# TensorFlow Code of Conduct

In the interest of fostering an open and welcoming environment, we as
contributors and maintainers pledge to make participation in our project and our
community a harassment-free experience for everyone, regardless of age, body
size, disability, ethnicity, gender identity and expression, level of
experience, nationality, personal appearance, race, religion, or sexual identity
and orientation.

## Our Standards

///

Örneğin bu custom validator, bir item ID’sinin <abbr title="International Standard Book Number - Uluslararası Standart Kitap Numarası">ISBN</abbr> kitap numarası için `isbn-` ile veya <abbr title="Internet Movie Database - İnternet Film Veritabanı: filmler hakkında bilgi içeren bir web sitesi">IMDB</abbr> film URL ID’si için `imdb-` ile başladığını kontrol eder: