If for some reason you need to disable automatic conversion of underscores to hyphens, set the parameter `convert_underscores` of `Header` to `False`:

{* ../../docs_src/header_params/tutorial002_an_py310.py hl[10] *}

/// warning

Before setting `convert_underscores` to `False`, bear in mind that some HTTP proxies and servers disallow the usage of headers with underscores.

///

{* ../../docs_src/request_forms_and_files/tutorial001_an_py39.py hl[10:12] *}

The files and form fields will be uploaded as form data and you will receive the files and form fields.

And you can declare some of the files as `bytes` and some as `UploadFile`.

/// warning

        #
        #; objectTypeTargetList = list:{TABLE ; VIEW}

        # o tableExceptList: (NotRequired - Default list:{})
        #  If you want to exclude some tables in generating target,
        #  you should specify the list of excepted table hints.
        #    e.g. list:{PRODUCT_STATUS ; prefix:TMP_}
        #  This is only for the main schema. Additional schemas are unconcerned.

* It can then do something to that **request** or run any needed code.
* Then it passes the **request** to be processed by the rest of the application (by some *path operation*).
* It then takes the **response** generated by the application (by some *path operation*).
* It can do something to that **response** or run any needed code.
* Then it returns the **response**.

/// note | Technical Details

Then your API will (let's imagine):

* Send the invoice to some customer of the external developer.
* Collect the money.
* Send a notification back to the API user (the external developer).
    * This will be done by sending a POST request (from *your API*) to some *external API* provided by that external developer (this is the "callback").

	// If x-amz-content-sha256 is set and the value is not
	// 'UNSIGNED-PAYLOAD' we should validate the content sha256.
	switch v[0] {
	case unsignedPayload, unsignedPayloadTrailer:
		return true
	case emptySHA256:
		// some broken clients set empty-sha256
		// with > 0 content-length in the body,
		// we should skip such clients and allow
		// blindly such insecure clients only if
		// S3 strict compatibility is disabled.

     * is given by {@link #getSource()}.
     *
     * @return the one-based index of the line containing the problem or a non-positive value if unknown
     */
    int getLineNumber();

    /**
     * Gets the one-based index of the column containing the problem. The column number should refer to some text file
     * that is given by {@link #getSource()}.
     *

     * <syntax>project.distributionManagementArtifactRepository</syntax>
     * <origin><![CDATA[
     * <distributionManagement>
     * <repository>
     * <id>some-repo</id>
     * <url>scp://host/path</url>
     * </repository>
     * <snapshotRepository>
     * <id>some-snap-repo</id>
     * <url>scp://host/snapshot-path</url>
     * </snapshotRepository>
     * </distributionManagement>
     * ]]></origin>
     * <usage><![CDATA[

        assertDoesNotThrow(() -> bufferManager.cleanup());

        // After cleanup, all regions should be released (but the count may not match exactly
        // if some regions were pooled rather than immediately released)
        assertTrue(bufferManager.getTotalReleased() > 0, "Some regions should be released during cleanup");
        assertEquals(allocatedBeforeCleanup, bufferManager.getTotalReleased(),

the `AssumeRoleWithCustomToken` STS API extension. A user or application can now present a token to the `AssumeRoleWithCustomToken` API, and MinIO verifies this token by sending it to the Identity Management Plugin webhook. This plugin responds with some information and MinIO is able to generate temporary STS credentials to interact with object storage.

The authentication flow is similar to that of OpenID, however the token is "opaque" to MinIO - it is simply sent to the plugin for verification....