import jcifs.internal.util.SMBUtil;
import jcifs.util.Hexdump;

/**
 * SMB1 Trans2 Find First 2 transaction request implementation.
 * Initiates directory enumeration operations in SMB1 protocol, allowing clients
 * to search for files and directories matching specified patterns and criteria.
 *
 * @author mbechler
 */
public class Trans2FindFirst2 extends SmbComTransaction {

    // flags

});var c={amex:[15,15],diners_club:[14,14],cjb:[16,16],laser:[16,19],visa:[16,16],mastercard:[16,16],maestro:[12,19],discover:[16,16]},d=!1,e=!1;a.formUtils.addValidator({name:"creditcard",validatorFunction:function(b,f){var g=a.split(f.valAttr("allowing")||"");if(e=a.inArray("amex",g)>-1,d=e&&1===g.length,g.length>0){var h=!1;if(a.each(g,function(d,e){if(e in c){if(b.length>=c[e][0]&&b.length<=c[e][1])return h=!0,!1}else a.formUtils.warn('Use of unknown credit card "'+e+'"',!0)}),!h)return!1}if(""!==b.replace(new...

     * from any repository but are present among the set of specified projects will not cause an exception. Instead,
     * those unresolved artifacts will be returned in the result set, allowing the caller to take special care of
     * artifacts that haven't been build yet.
     *
     * @param projects The projects whose dependencies should be resolved, may be {@code null}.

如果你的應用部署在公開的網際網路上，你不會「信任網路」而允許任何人在未經身分驗證的情況下發送具權限的請求。

攻擊者可以直接執行腳本向你的 API 發送請求，無需透過瀏覽器互動，因此你多半已經對任何具權限的端點做了防護。

在這種情況下，這種攻擊／風險不適用於你。

此風險與攻擊主要與應用只在本機或內部網路上執行，且「僅依賴此為保護」的情境相關。

## 允許沒有 Content-Type 的請求 { #allowing-requests-without-content-type }

若你需要支援未送出 `Content-Type` 標頭的客戶端，可以將 `strict_content_type=False` 以停用嚴格檢查：

{* ../../docs_src/strict_content_type/tutorial001_py310.py hl[4] *}

be inefficient for allocating only small amounts of small Go values. They're
best used in bulk, on the order of MiB of memory allocated on each use.

Note that by allowing for this limited form of manual memory allocation
that use-after-free bugs are possible with regular Go values. This package
limits the impact of these use-after-free bugs by preventing reuse of freed

!important;\n    }\n\n    a {\n      &:not(.btn) {\n        text-decoration: underline;\n      }\n    }\n\n    // Bootstrap specific; comment the following selector out\n    //a[href]::after {\n    //  content: \" (\" attr(href) \")\";\n    //}\n\n    abbr[title]::after {\n      content: \" (\" attr(title) \")\";\n    }\n\n    // Bootstrap specific; comment the following selector out\n    //\n    // Don't show links that are fragment identifiers,\n    // or use the `javascript:` pseudo protocol\n    //\n\n...

如果你的应用部署在开放的互联网，你不会“信任网络”，也不会允许任何人不经认证就发送特权请求。

攻击者完全可以直接运行脚本向你的 API 发送请求，无需借助浏览器交互，因此你很可能已经对任何特权端点做好了安全防护。

在这种情况下，以上攻击/风险不适用于你。

该风险/攻击主要发生在应用运行于本地网络、且“仅依赖网络隔离作为保护”的场景。

## 允许无 Content-Type 的请求 { #allowing-requests-without-content-type }

如果你需要兼容不发送 `Content-Type` 头的客户端，可以通过设置 `strict_content_type=False` 来关闭严格检查：

{* ../../docs_src/strict_content_type/tutorial001_py310.py hl[4] *}

        System.out.printf("  Avg allocation time: %.2f ns%n", avgAllocTimeNs);
        System.out.printf("  Avg release time: %.2f ns%n", avgReleaseTimeNs);

        // Verify O(1) performance - should be reasonably fast (allowing for JVM overhead)
        assertTrue(avgAllocTimeNs < 10000, "Average allocation should be under 10000ns (O(1) performance)");
        assertTrue(avgReleaseTimeNs < 10000, "Average release should be under 10000ns (O(1) performance)");

공격자는 브라우저 상호작용 없이도 스크립트를 실행해 여러분의 API로 요청을 보낼 수 있으므로, 아마 이미 권한이 필요한 엔드포인트는 보호하고 있을 것입니다.

그런 경우에는 이 공격/위험은 해당하지 않습니다.

이 위험과 공격은 주로 앱이 **로컬 네트워크**에서 실행되고 그것이 **유일한 보호수단**이라고 가정할 때 관련이 있습니다.

## Content-Type 없이 요청 허용하기 { #allowing-requests-without-content-type }

만약 `Content-Type` 헤더를 보내지 않는 클라이언트를 지원해야 한다면, `strict_content_type=False`로 설정해 엄격한 검사를 비활성화할 수 있습니다:

{* ../../docs_src/strict_content_type/tutorial001_py310.py hl[4] *}

         * processes one artifact at a time and hence cannot associate the artifacts from the same project to use the
         * same version index. Allowing the caller to pass in metadata from a previous deployment allows to re-establish
         * the association between the artifacts of the same project.
         */