<title><la:message key="labels.admin_brand_title"/> | <la:message
            key="labels.dict_kuromoji_configuration"/></title>
    <jsp:include page="/WEB-INF/view/common/admin/head.jsp"></jsp:include>
</head>
<body class="hold-transition sidebar-mini">
<div class="wrapper">
    <jsp:include page="/WEB-INF/view/common/admin/header.jsp"></jsp:include>
    <jsp:include page="/WEB-INF/view/common/admin/sidebar.jsp">

    <title><la:message key="labels.admin_brand_title"/> | <la:message
            key="labels.elevate_word_configuration"/></title>
    <jsp:include page="/WEB-INF/view/common/admin/head.jsp"></jsp:include>
</head>
<body class="hold-transition sidebar-mini">
<div class="wrapper">
    <jsp:include page="/WEB-INF/view/common/admin/header.jsp"></jsp:include>
    <jsp:include page="/WEB-INF/view/common/admin/sidebar.jsp">

    <title><la:message key="labels.admin_brand_title"/> | <la:message
            key="labels.webauth_configuration"/></title>
    <jsp:include page="/WEB-INF/view/common/admin/head.jsp"></jsp:include>
</head>
<body class="hold-transition sidebar-mini">
<div class="wrapper">
    <jsp:include page="/WEB-INF/view/common/admin/header.jsp"></jsp:include>
    <jsp:include page="/WEB-INF/view/common/admin/sidebar.jsp">

from typing import Any

from fastapi import FastAPI

app = FastAPI()


@app.vibe(
    "/vibe/",
    prompt="pls return json of users from database. make no mistakes",
)

* `@app.put()`
* `@app.delete()`
* 等等

{* ../../docs_src/response_status_code/tutorial001_py310.py hl[6] *}

/// note | 注意

請注意，`status_code` 是「裝飾器（decorator）」方法（`get`、`post` 等等）的參數，而不是你的「路徑操作函式」的參數，就像所有的參數與 body 一樣。

///

參數 `status_code` 接受一個數字作為 HTTP 狀態碼。

/// info | 資訊

`status_code` 也可以接收一個 `IntEnum`，例如 Python 的 [`http.HTTPStatus`](https://docs.python.org/3/library/http.html#http.HTTPStatus)。

///

它會：

## CSRF 风险 { #csrf-risk }

此默认行为在一个非常特定的场景下，可防御一类跨站请求伪造（CSRF）攻击。

这类攻击利用了浏览器的一个事实：当请求满足以下条件时，浏览器允许脚本在不进行任何 CORS 预检的情况下直接发送请求：

- 没有 `Content-Type` 头（例如使用 `fetch()` 携带 `Blob` 作为 body）
- 且不发送任何认证凭据。

这种攻击主要在以下情况下相关：

- 应用在本地（如 `localhost`）或内网中运行
- 且应用没有任何认证，假定来自同一网络的请求都可信。

## 攻击示例 { #example-attack }

假设你构建了一个本地运行的 AI 代理。

它提供了一个 API，地址为

```

```

///

## `File` 및 `Form` 임포트 { #import-file-and-form }

{* ../../docs_src/request_forms_and_files/tutorial001_an_py310.py hl[3] *}

## `File` 및 `Form` 매개변수 정의 { #define-file-and-form-parameters }

`Body` 및 `Query`와 동일한 방식으로 파일과 폼의 매개변수를 생성합니다:

{* ../../docs_src/request_forms_and_files/tutorial001_an_py310.py hl[10:12] *}

파일과 폼 필드는 폼 데이터로 업로드되며, 파일과 폼 필드를 받게 됩니다.

또한 일부 파일은 `bytes`로, 일부 파일은 `UploadFile`로 선언할 수 있습니다.

    String response1Body;
    try (Response response1 = client.newCall(request).execute()) {
      if (!response1.isSuccessful()) throw new IOException("Unexpected code " + response1);

      response1Body = response1.body().string();
      System.out.println("Response 1 response:          " + response1);
      System.out.println("Response 1 cache response:    " + response1.cacheResponse());

        ).respond(response().withBody("Peter the person!"))

      val response = client.newCall(Request((mockServer.endpoint + "/person?name=peter").toHttpUrl())).execute()

      assertThat(response.body.string()).contains("Peter the person")
    }
  }

  @Test
  fun testHttpsRequest() {
    MockServerClient(mockServer.host, mockServer.serverPort).use { mockServerClient ->
      mockServerClient
        .`when`(

The body should be annotated with `Any`, because the request and the response would be... well... **anything**. 🤷

The idea is that you would receive the payload and send it **directly** to an LLM provider, using a `prompt` to tell the LLM what to do, and return the response **as is**. No questions asked.