```Python hl_lines="2  6"
{!../../docs_src/advanced_middleware/tutorial001.py!}
```

## `TrustedHostMiddleware`

Erzwingt, dass alle eingehenden Requests einen korrekt gesetzten `Host`-Header haben, um sich vor HTTP-Host-Header-Angriffen zu schützen.

```Python hl_lines="2  6-8"
{!../../docs_src/advanced_middleware/tutorial002.py!}
```

Die folgenden Argumente werden unterstützt:

Bei HTTP Basic Auth erwartet die Anwendung einen Header, der einen Benutzernamen und ein Passwort enthält.

Wenn sie diesen nicht empfängt, gibt sie den HTTP-Error 401 „Unauthorized“ zurück.

Und gibt einen Header `WWW-Authenticate` mit dem Wert `Basic` und einem optionalen `realm`-Parameter („Bereich“) zurück.

    ]
}
```

## Summary

You can use **Pydantic models** to declare **query parameters** in **FastAPI**. 😎

/// tip

Spoiler alert: you can also use Pydantic models to declare cookies and headers, but you will read about that later in the tutorial. 🤫

    )
    if not (is_correct_username and is_correct_password):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Incorrect username or password",
            headers={"WWW-Authenticate": "Basic"},
        )
    return credentials.username


@app.get("/users/me")
def read_current_user(username: Annotated[str, Depends(get_current_username)]):

        aws_secret_access_key='YOUR-SECRETACCESSKEY',
        config=Config(signature_version='s3v4'),
        region_name='us-east-1')


def _add_header(request, **kwargs):
    request.headers.add_header('x-minio-extract', 'true')
event_system = s3.meta.events
event_system.register_first('before-sign.s3.*', _add_header)

# List zip contents

  }

  @Test
  fun headersPostWithHeaderOverrides() {
    setLevel(Level.HEADERS)
    extraNetworkInterceptor =
      Interceptor { chain: Interceptor.Chain ->
        chain.proceed(
          chain.request()
            .newBuilder()
            .header("Content-Length", "2")
            .header("Content-Type", "text/plain-ish")
            .build(),
        )
      }

<div class="wrapper">
    <jsp:include page="/WEB-INF/view/common/admin/header.jsp"></jsp:include>
    <jsp:include page="/WEB-INF/view/common/admin/sidebar.jsp">
        <jsp:param name="menuCategoryType" value="system"/>
        <jsp:param name="menuType" value="dict"/>
    </jsp:include>
    <div class="content-wrapper">
        <div class="content-header">
            <div class="container-fluid">
                <div class="row mb-2">

			if err != nil {
				err = msgp.WrapError(err)
				return
			}
		}
	}
	return
}

// EncodeMsg implements msgp.Encodable
func (z *connectReq) EncodeMsg(en *msgp.Writer) (err error) {
	// map header, size 4
	// write "ID"
	err = en.Append(0x84, 0xa2, 0x49, 0x44)
	if err != nil {
		return
	}
	err = en.WriteBytes((z.ID)[:])
	if err != nil {
		err = msgp.WrapError(err, "ID")
		return
	}

    }


    @Override
    public int getHeaderFieldInt ( String header, int def ) {
        handshake();
        return this.connection.getHeaderFieldInt(header, def);
    }


    @Override
    public long getHeaderFieldDate ( String header, long def ) {
        handshake();
        return this.connection.getHeaderFieldDate(header, def);
    }


    @Override

from fastapi.routing import APIRoute


class GzipRequest(Request):
    async def body(self) -> bytes:
        if not hasattr(self, "_body"):
            body = await super().body()
            if "gzip" in self.headers.getlist("Content-Encoding"):
                body = gzip.decompress(body)
            self._body = body
        return self._body


class GzipRoute(APIRoute):
    def get_route_handler(self) -> Callable: