* Descomprimir corpos de requisição comprimidos com gzip.
* Registrar automaticamente todos os corpos de requisição.

## Manipulando codificações de corpo de requisição personalizadas

Vamos ver como usar uma subclasse personalizada de `Request` para descomprimir requisições gzip.

E uma subclasse de `APIRoute` para usar essa classe de requisição personalizada.

### Criar uma classe `GzipRequest` personalizada

        assertNull(decrypted, "Decrypting null should return null");
    }

    @Test
    public void testEncryptDecryptLongPassword() throws Exception {
        // Test with very long password
        char[] plaintext = new char[10000];
        Arrays.fill(plaintext, 'X');

        byte[] encrypted = storage.encryptCredentials(plaintext);

```

</div>

## Verifique-o

Vá até a documentação interativa em: <a href="http://127.0.0.1:8000/docs" class="external-link" target="_blank">http://127.0.0.1:8000/docs</a>.

Você verá algo deste tipo:

<img src="/img/tutorial/security/image01.png">

/// check | Botão de Autorizar!



///

	Você já tem um novo "botão de autorizar!".

         * the 'received' member of the response object will not
         * be set to true indicating the send and sendTransaction
         * methods that the next part should be sent. This is a
         * very indirect and simple batching control mechanism.
         */

        if (andx == null || !USE_BATCHING || batchLevel >= getBatchLimit(andx.command)) {
            andxCommand = (byte) 0xFF;
            andx = null;

            return;
          }
          // TODO(cpovirk): if reference has been cleared, remove it?
        }
        checkExceptionClassValidity(exceptionClass);

        /*
         * It's very unlikely that any loaded Futures class will see getChecked called with more
         * than a handful of exceptions. But it seems prudent to set a cap on how many we'll cache.

    }
    this.safeMin = safeMin;
    this.safeMax = safeMax;

    // This is a bit of a hack but lets us do quicker per-character checks in
    // the fast path code. The safe min/max values are very unlikely to extend
    // into the range of surrogate characters, but if they do we must not test
    // any values in that range. To see why, consider the case where:
    // safeMin <= {hi,lo} <= safeMax

        // if removeAll returns true, all we really know is that at least one subscriber was
        // removed... however, barring something very strange we can assume that if at least one
        // subscriber was removed, all subscribers on listener for that event type were... after
        // all, the definition of subscribers on a particular class is totally static

        | ((source[offset + 1] & 0xFF) << 8)
        | ((source[offset + 2] & 0xFF) << 16)
        | ((source[offset + 3] & 0xFF) << 24);
  }

  /**
   * Indicates that the load and store operations will be very efficient because of use of VarHandle
   * or Unsafe. May be useful for calling code to fall back on an alternative implementation that is
   * slower than those implementations but faster than the pure-Java mask-and-shift.
   */

your report:

  - A descriptive title
  - Your name and affiliation (if any).
  - A description of the technical details of the vulnerabilities.
  - A minimal example of the vulnerability. It is very important to let us know
    how we can reproduce your findings. For memory corruption triggerable in
    TensorFlow models, please demonstrate an exploit against one of Alphabet's
    models in <https://tfhub.dev/>

Volviendo al ejemplo de código anterior, **FastAPI**:

* Validará que haya un `item_id` en el path para requests `GET` y `PUT`.
* Validará que el `item_id` sea del tipo `int` para requests `GET` y `PUT`.
    * Si no lo es, el cliente verá un error útil y claro.
* Comprobará si hay un parámetro de query opcional llamado `q` (como en `http://127.0.0.1:8000/items/foo?q=somequery`) para requests `GET`.
    * Como el parámetro `q` está declarado con `= None`, es opcional.