# Chequeo estricto de Content-Type { #strict-content-type-checking }

Por defecto, **FastAPI** usa un chequeo estricto del header `Content-Type` para request bodies JSON, esto significa que las requests JSON deben incluir un header `Content-Type` válido (p. ej. `application/json`) para que el request body se parse como JSON.

## Riesgo de CSRF { #csrf-risk }

	// Version numbers.
	zipVersion20 = 20 // 2.0
	zipVersion45 = 45 // 4.5 (reads and writes zip64 archives)

	// Limits for non zip64 files.
	uint16max = (1 << 16) - 1
	uint32max = (1 << 32) - 1

	// Extra header IDs.
	//
	// IDs 0..31 are reserved for official use by PKWARE.
	// IDs above that range are defined by third-party vendors.
	// Since ZIP lacked high precision timestamps (nor an official specification

    }

    /**
     * Test case for when the 'Authorization' header is missing.
     * Expects the server to respond with a 'WWW-Authenticate: NTLM' header and a 401 status.
     * @throws IOException
     */
    @Test
    public void testAuthenticate_NoAuthorizationHeader() throws IOException {
        // Setup: No "Authorization" header
        when(mockRequest.getHeader("Authorization")).thenReturn(null);

            SessionServicePacket.readPacketType(bais, buffer, 0);
        });

        assertEquals("unexpected EOF reading netbios session header", exception.getMessage());
    }

    @Test
    @DisplayName("readPacketType should throw IOException on incomplete header")
    void testReadPacketTypeIncompleteHeader() {
        byte[] headerData = { (byte) 0x81, (byte) 0x00 }; // Only 2 bytes instead of 4

/// note | Technical Details

The proxy headers are:

* [X-Forwarded-For](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-For)
* [X-Forwarded-Proto](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto)
* [X-Forwarded-Host](https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Host)

///

# Header 1 { #header-1 }

Some text with a link to [FastAPI](https://fastapi.tiangolo.com).

## Header 2 { #header-2 }

Two links here: [How to](https://fastapi.tiangolo.com/how-to/) and [Project Generators](project-generation.md){.internal-link target=_blank}.

### Header 3 { #header-3 }

Another link: [**FastAPI** Project Generators](project-generation.md "Link title"){.internal-link target=_blank} with title.

# Header 4 { #header-4 }

 * limitations under the License.
 */
package mockwebserver3

import okhttp3.Headers

/** An HTTP request initiated by the server. */
public class PushPromise(
  public val method: String,
  public val path: String,
  public val headers: Headers,
  public val response: MockResponse,

            duration = time.time() - before
            response.headers["X-Response-Time"] = str(duration)
            print(f"route duration: {duration}")
            print(f"route response: {response}")
            print(f"route response headers: {response.headers}")
            return response

        return custom_route_handler


app = FastAPI()

  }
});
```

**Warning**: The logs generated by this interceptor when using the `HEADERS` or `BODY` levels have
the potential to leak sensitive information such as "Authorization" or "Cookie" headers and the
contents of request and response bodies. This data should only be logged in a controlled way or in
a non-production environment.

You can redact headers that may contain sensitive information by calling `redactHeader()`.
```java

async def http_exception_handler(request: Request, exc: HTTPException) -> Response:
    headers = getattr(exc, "headers", None)
    if not is_body_allowed_for_status_code(exc.status_code):
        return Response(status_code=exc.status_code, headers=headers)
    return JSONResponse(
        {"detail": exc.detail}, status_code=exc.status_code, headers=headers
    )


async def request_validation_exception_handler(