final String pathPrefix = ADMIN_SERVER + token;
                if (!servletPath.startsWith(pathPrefix)) {
                    throw new WebApiException(HttpServletResponse.SC_FORBIDDEN, "Invalid access token.");
                }
                final String path;
                final String value = servletPath.substring(pathPrefix.length());
                if (!value.startsWith("/")) {

OkHttp is principled and avoids being overly configurable, especially when such configuration is
to workaround a buggy server, test invalid scenarios or that contradict the relevant RFC.
Other HTTP libraries exist that fill that gap allowing extensive customisation including potentially
invalid requests.

Example Limitations

* Does not allow GET with a body.
* Cache is not an interface with alternative implementations.

            throw new IllegalArgumentException("Master password cannot be null or empty");
        }
        if (salt == null || salt.length != SALT_SIZE) {
            throw new IllegalArgumentException("Invalid salt");
        }

        this.salt = salt.clone();
        this.masterKey = deriveKey(masterPassword, this.salt);

        // Clear the master password after use
        Arrays.fill(masterPassword, '\0');

        assertNotNull(securityDescriptor.getOwnerGroupSid());
    }

    @Test
    @DisplayName("Test decode throws exception for invalid ACE count")
    void testDecodeThrowsExceptionForInvalidAceCount() {
        // Prepare buffer with invalid ACE count (> 4096)
        prepareSecurityDescriptorBufferWithInvalidAceCount(testBuffer, 0);

    @ParameterizedTest
    @DisplayName("Message constructor should handle crypto-specific error messages")
    @NullAndEmptySource
    @ValueSource(strings = { "AES encryption not supported", "Missing Bouncy Castle provider", "Invalid key length for AES-128",
            "RC4 cipher not available in this JVM", "DES encryption is deprecated and not supported", "HMAC-SHA256 algorithm not found",
            "RSA key generation failed: key size not supported" })

    /**
     * SID type indicating a deleted account.
     */
    public static final int SID_TYPE_DELETED = lsarpc.SID_NAME_DELETED;
    /**
     * SID type indicating an invalid SID.
     */
    public static final int SID_TYPE_INVALID = lsarpc.SID_NAME_INVALID;
    /**
     * SID type indicating an unknown account type.
     */

ted .input-group>.form-select:not(:focus):valid{z-index:3}.invalid-feedback{display:none;width:100%;margin-top:.25rem;font-size:.875em;color:var(--bs-form-invalid-color)}.invalid-tooltip{position:absolute;top:100%;z-index:5;display:none;max-width:100%;padding:.25rem .5rem;margin-top:.1rem;font-size:.875rem;color:#fff;background-color:var(--bs-danger);border-radius:var(--bs-border-radius)}.is-invalid~.invalid-feedback,.is-invalid~.invalid-tooltip,.was-validated :invalid~.invalid-feedback,.was-validated...

        return
      }

      val body = response.body

      if (!body.isEventStream()) {
        listener.onFailure(
          this,
          IllegalStateException("Invalid content-type: ${body.contentType()}"),
          response,
        )
        return
      }

      // This is a long-lived response. Cancel full-call timeouts.
      call?.timeout()?.cancel()

	}

	expects := []User{
		{Name: "distinct", Age: 20},
		{Name: "distinct", Age: 18},
		{Name: "distinct-2", Age: 18},
		{Name: "distinct-3", Age: 18},
	}

	if len(results) != 4 {
		t.Fatalf("invalid results length found, expects: %v, got %v", len(expects), len(results))
	}

	for idx, expect := range expects {
		AssertObjEqual(t, results[idx], expect, "Name", "Age")
	}

	var count int64

    }

    @Override
    public int decode(byte[] buffer, int bufferIndex, int len) throws SMBProtocolDecodingException {
        if (len != 8) {
            throw new SMBProtocolDecodingException("Invalid durable handle V2 response length: " + len);
        }

        this.timeout100Ns = SMBUtil.readInt4(buffer, bufferIndex) & 0xFFFFFFFFL; // Timeout (4 bytes, 100-ns intervals, unsigned)