# Headers for API dashboard response.
api.dashboard.response.headers=Referrer-Policy:strict-origin-when-cross-origin
# Allowed origins for CORS.
api.cors.allow.origin=*
# Allowed HTTP methods for CORS.
api.cors.allow.methods=GET, POST, OPTIONS, DELETE, PUT
# Max age for CORS preflight requests.
api.cors.max.age=3600
# Allowed headers for CORS.
api.cors.allow.headers=Origin, Content-Type, Accept, Authorization, X-Requested-With

        return null;
      }
      ClassLoader systemLoader;
      try {
        systemLoader = ClassLoader.getSystemClassLoader();
      } catch (SecurityException e) {
        logger.info("Not allowed to access system class loader.");
        return null;
      }
      if (systemLoader != null) {
        try {
          return systemLoader.loadClass(FINALIZER_CLASS_NAME);

  }

  private static final Object NOT_FOUND = new Object();

  /**
   * Maximum allowed false positive probability of detecting a hash flooding attack given random
   * input.
   */
  @VisibleForTesting(
      )
  static final double HASH_FLOODING_FPP = 0.001;

  /**
   * Maximum allowed length of a hash table bucket before falling back to a j.u.LinkedHashMap-based

 * stripes (locks/semaphores) are initialized eagerly, and are not reclaimed unless {@code Striped}
 * itself is reclaimable. <i>Weak</i> means that locks/semaphores are created lazily, and they are
 * allowed to be reclaimed if nobody is holding on to them. This is useful, for example, if one
 * wants to create a {@code Striped<Lock>} of many locks, but worries that in most cases only a
 * small portion of these would be in use.
 *

   * an application-specified ordering of lock acquisitions. The application defines the allowed
   * ordering with an {@code Enum} whose values each correspond to a lock type. The order in which
   * the values are declared dictates the allowed order of lock acquisition. In other words, locks
   * corresponding to smaller values of {@link Enum#ordinal()} should only be acquired before locks

    public static final int ACB_PWNOEXP = 512;
    /** Account control bit flag: Account is auto-locked */
    public static final int ACB_AUTOLOCK = 1024;
    /** Account control bit flag: Encrypted text password is allowed */
    public static final int ACB_ENC_TXT_PWD_ALLOWED = 2048;
    /** Account control bit flag: Smart card is required for login */
    public static final int ACB_SMARTCARD_REQUIRED = 4096;

    public static final int ACB_PWNOEXP = 512;
    /** Account control bit flag: Account is auto-locked */
    public static final int ACB_AUTOLOCK = 1024;
    /** Account control bit flag: Encrypted text password is allowed */
    public static final int ACB_ENC_TXT_PWD_ALLOWED = 2048;
    /** Account control bit flag: Smart card is required for login */
    public static final int ACB_SMARTCARD_REQUIRED = 4096;

     * https://groups.google.com/d/topic/google-web-toolkit-contributors/1UEzsryq1XI
     *
     * <p>ASCII characters in the part are expected to be valid per RFC 1035, with underscore also
     * being allowed due to widespread practice.
     */

    String asciiChars = CharMatcher.ascii().retainFrom(part);

    if (!PART_CHAR_MATCHER.matchesAllOf(asciiChars)) {
      return false;
    }

    assertThat(read.expectedFpp()).isGreaterThan(0);
  }

  /**
   * This test will fail whenever someone updates/reorders the BloomFilterStrategies constants. Only
   * appending a new constant is allowed.
   */
  // This test ensures that our reliance on the ordering elsewhere is safe.
  @SuppressWarnings("EnumOrdinal")
  public void testBloomFilterStrategies() {

      } catch (_: IOException) {
        // The cache cannot be written.
      }
      return null
    }

    if (requestMethod != "GET") {
      // Don't cache non-GET responses. We're technically allowed to cache HEAD, QUERY and some
      // POST requests, but the complexity of doing so is high and the benefit is low.
      return null
    }

    if (response.hasVaryAll()) {
      return null
    }