//
    //  * Several characters are forbidden and must throw exceptions if used.
    //  * They don't use percent escaping at all.
    //  * They use punycode for internationalization.
    //  * URI is much more strict than HttpUrl or URL on what's accepted.
    //
    // HttpUrl is quite lenient with what characters it accepts. In particular, characters like '{'

- Kubernetes is now built using go 1.17. ([#103692](https://github.com/kubernetes/kubernetes/pull/103692), [@justaugustus](https://github.com/justaugustus))
- Performs strict server side schema validation requests via the `fieldValidation=[Strict,Warn,Ignore]`. ([#105916](https://github.com/kubernetes/kubernetes/pull/105916), [@kevindelgado](https://github.com/kevindelgado))
- Promote `IPv6DualStack` feature to stable.

	"github.com/zeebo/xxh3"
)

const (
	maxEConfigJSONSize        = 262272
	kubernetesVersionEndpoint = "https://kubernetes.default.svc/version"
	anonymizeParam            = "anonymize"
	anonymizeStrict           = "strict"
)

// Only valid query params for mgmt admin APIs.
const (
	mgmtBucket      = "bucket"
	mgmtPrefix      = "prefix"
	mgmtClientToken = "clientToken"
	mgmtForceStart  = "forceStart"

cookie.search.parameter.domain=
# Path attribute for the search parameter cookie. Typically set to "/" or the context path of the app.
cookie.search.parameter.path=/
# SameSite attribute for the search parameter cookie. Valid values: Lax, Strict, None
cookie.search.parameter.same_site=Lax

# ----------------------------------------------------------
#                                                     Paging

wser":{"_":[{"key":"csp_policy","value":"default-src 'self' 'unsafe-eval' 'unsafe-inline';"},{"key":"hsts_seconds","value":"0"},{"key":"hsts_include_subdomains","value":"off"},{"key":"hsts_preload","value":"off"},{"key":"referrer_policy","value":"strict-origin-when-cross-origin"}]},"cache":{"_":[{"key":"enable","value":"off"},{"key":"endpoint","value":""},{"key":"block_size","value":""}]},"callhome":{"_":[{"key":"enable","value":"off"},{"key":"frequency","value":"24h"}]},"compression":{"_":[{"ke...

- Stopped removing the CSI JSON file if the volume was already mounted during subsequent errors. ([#131311](https://github.com/kubernetes/kubernetes/pull/131311), [@gnufied](https://github.com/gnufied))
- The `baseline` and `restricted` pod security admission levels blocked setting the `host` field on probe and lifecycle handlers. ([#125271](https://github.com/kubernetes/kubernetes/pull/125271), [@tssurya](https://github.com/tssurya)) [SIG Auth, Node and Testing]

module?e(exports,require("jquery"),require("popper.js")):"function"==typeof define&&define.amd?define(["exports","jquery","popper.js"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).bootstrap={},t.jQuery,t.Popper)}(this,(function(t,e,n){"use strict";function i(t){return t&&"object"==typeof t&&"default"in t?t:{default:t}}var o=i(e),a=i(n);function s(t,e){for(var n=0;n<e.length;n++){var i=e[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(t,i.key,i)}}function...

  allows this sysctl in `v1.29+` versions of the baseline and restricted policies. ([#121240](https://github.com/kubernetes/kubernetes/pull/121240), [@HirazawaUi](https://github.com/HirazawaUi))
- `kubelet` now allows pods to use the `net.ipv4.tcp_keepalive_time` sysctl by default
  and the minimal kernel version is 4.5; Pod Security Admission allows this sysctl

- Added "general", "baseline", and "restricted" debugging profiles for kubectl debug. ([#114280](https://github.com/kubernetes/kubernetes/pull/114280), [@sding3](https://github.com/sding3)) [SIG CLI]

            shutdownOutput = true,
          ),
        ).build(),
    )
  }

  @Test
  fun invalidHost() {
    // Note that 1234.1.1.1 is an invalid host in a URI, but URL isn't as strict.
    client =
      client
        .newBuilder()
        .dns(FakeDns())
        .build()
    assertFailsWith<UnknownHostException> {
      getResponse(
        Request
          .Builder()