## Proxy Forwarded Headers { #proxy-forwarded-headers }

When using a proxy to handle HTTPS, your **application server** (for example Uvicorn via FastAPI CLI) doesn't known anything about the HTTPS process, it communicates with plain HTTP with the **TLS Termination Proxy**.

client = TestClient(app)


def test_security_oauth2():
    response = client.get("/users/me", headers={"Authorization": "Bearer footokenbar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "Bearer footokenbar"}


def test_security_oauth2_password_other_header():
    response = client.get("/users/me", headers={"Authorization": "Other footokenbar"})
    assert response.status_code == 200, response.text

	tr.ResponseHeaderTimeout = 30 * time.Minute

	return func() *http.Transport {
		return tr
	}
}

// NewHTTPTransportWithTimeout allows setting a timeout for response headers
func (s ConnSettings) NewHTTPTransportWithTimeout(timeout time.Duration) *http.Transport {
	tr := s.getDefaultTransport(0)

	// Settings specific to this transport.
	tr.ResponseHeaderTimeout = timeout
	return tr

client = TestClient(app)


def test_security_oauth2():
    response = client.get("/users/me", headers={"Authorization": "Bearer footokenbar"})
    assert response.status_code == 200, response.text
    assert response.json() == {"username": "Bearer footokenbar"}


def test_security_oauth2_password_other_header():
    response = client.get("/users/me", headers={"Authorization": "Other footokenbar"})
    assert response.status_code == 200, response.text

// String returns the SSE domain as string. For SSE-C the
// domain is "SSE-C".
func (ssec) String() string { return "SSE-C" }

// IsRequested returns true if the HTTP headers contains
// at least one SSE-C header. SSE-C copy headers are ignored.
func (ssec) IsRequested(h http.Header) bool {
	if _, ok := h[xhttp.AmzServerSideEncryptionCustomerAlgorithm]; ok {
		return true
	}
	if _, ok := h[xhttp.AmzServerSideEncryptionCustomerKey]; ok {

        paramList.add(encode(key) + "=" + encode(value));
        return this;
    }

    /**
     * Adds a request header.
     *
     * @param key the header key
     * @param value the header value
     * @return this CurlRequest instance
     */
    public CurlRequest header(final String key, final String value) {
        if (headerList == null) {
            headerList = new ArrayList<>();
        }

    /**
     * CORS header for specifying allowed headers.
     */
    protected static final String ACCESS_CONTROL_ALLOW_HEADERS = "Access-Control-Allow-Headers";

    /**
     * CORS header for specifying allowed HTTP methods.
     */
    protected static final String ACCESS_CONTROL_ALLOW_METHODS = "Access-Control-Allow-Methods";

    /**
     * CORS header for allowing private network access.
     */

					i, o, l, skip, sn, ps, oRef, lRef, skipRef, snRef, psRef)
			}
		}
	}
}

var getDefaultOptsTests = []struct {
	headers        http.Header
	copySource     bool
	metadata       map[string]string
	encryptionType encrypt.Type
	err            error
}{
	{
		headers: http.Header{
			xhttp.AmzServerSideEncryptionCustomerAlgorithm: []string{"AES256"},

    override fun ackSettings() {
      check(type == -1)
      this.type = Http2.TYPE_SETTINGS
      this.ack = true
    }

    override fun headers(
      inFinished: Boolean,
      streamId: Int,
      associatedStreamId: Int,
      headerBlock: List<Header>,
    ) {
      check(type == -1)
      this.type = Http2.TYPE_HEADERS
      this.inFinished = inFinished
      this.streamId = streamId

              println("onResponseStarted ${info.headers.asMap} ${info.negotiatedProtocol}")
              request.read(ByteBuffer.allocateDirect(4096 * 8))
            }

            override fun onReadCompleted(
              request: UrlRequest,
              info: UrlResponseInfo,
              byteBuffer: ByteBuffer,
            ) {
              println("onReadCompleted ${info.headers.asMap}")
              byteBuffer.flip()