Add Kotlin header configuration samples to docs

Issue gh-8172

docs/manual/src/docs/asciidoc/_includes/servlet/exploits/headers.adoc

@@ -13,11 +13,12 @@ While each of these headers are considered best practice, it should be noted tha
 You can customize specific headers.
 For example, assume that you want the defaults except you wish to specify `SAMEORIGIN` for <<servlet-headers-frame-options,X-Frame-Options>>.
 
-You can easily do this with the following Java Configuration:
+You can easily do this with the following Configuration:
 
-.Customize Default Security Headers with Java Configuration
+.Customize Default Security Headers
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -35,13 +36,9 @@ public class WebSecurityConfig extends
 	}
 }
 ----
-====
-
-Alternatively, if you are using Spring Security XML Configuration, you can use the following:
 
-.Customize Default Security Headers with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -51,14 +48,35 @@ Alternatively, if you are using Spring Security XML Configuration, you can use t
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                frameOptions {
+                    sameOrigin = true
+                }
+            }
+        }
+    }
+}
+----
 ====
 
 If you do not want the defaults to be added and want explicit control over what should be used, you can disable the defaults.
-An example for both Java and XML based configuration is provided below:
+An example is provided below:
 
-If you are using Spring Security's Java Configuration the following will only add <<headers-cache-control,Cache Control>>.
+If you are using Spring Security's Configuration the following will only add <<headers-cache-control,Cache Control>>.
 
-[source,java]
+.Customize Cache Control Headers
+====
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -77,9 +95,8 @@ WebSecurityConfigurerAdapter {
 }
 ----
 
-The following XML will only add <<headers-cache-control,Cache Control>>.
-
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -90,10 +107,32 @@ The following XML will only add <<headers-cache-control,Cache Control>>.
 </http>
 ----
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                // do not use any default headers unless explicitly listed
+                defaultsDisabled = true
+                cacheControl {
+                }
+            }
+        }
+    }
+}
+----
+====
 
-If necessary, you can disable all of the HTTP Security response headers with the following Java Configuration:
+If necessary, you can disable all of the HTTP Security response headers with the following Configuration:
 
-[source,java]
+.Disable All HTTP Security Headers
+====
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -108,9 +147,8 @@ WebSecurityConfigurerAdapter {
 }
 ----
 
-If necessary, you can disable all of the HTTP Security response headers with the following XML configuration below:
-
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -119,6 +157,23 @@ If necessary, you can disable all of the HTTP Security response headers with the
 </http>
 ----
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                disable()
+            }
+        }
+    }
+}
+----
+====
+
 [[servlet-headers-cache-control]]
 == Cache Control
 
@@ -132,9 +187,10 @@ Details on how to do this can be found in the https://docs.spring.io/spring/docs
 
 If necessary, you can also disable Spring Security's cache control HTTP response headers.
 
-.Cache Control Disabled with Java Configuration
+.Cache Control Disabled
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Configuration
 @EnableWebSecurity
@@ -151,13 +207,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
-
-Similarly, you can use the <<nsa-cache-control,<cache-control>>> element to disable it:
 
-.Cache Control Disabled with XML
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -167,17 +219,36 @@ Similarly, you can use the <<nsa-cache-control,<cache-control>>> element to disa
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+       http {
+            headers {
+                cacheControl {
+                    disable()
+                }
+            }
+        }
+    }
+}
+----
 ====
 
 [[servlet-headers-content-type-options]]
 == Content Type Options
 
 Spring Security includes <<headers-content-type-options,Content-Type>> headers by default.
-However, you can disable it in Java Configuration with:
+However, you can disable it with:
 
-.Content Type Options Disabled with Java Configuration
+.Content Type Options Disabled
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @Configuration
 @EnableWebSecurity
@@ -194,13 +265,9 @@ public class WebSecurityConfig extends
 	}
 }
 ----
-====
 
-Similarly, you can use the <<nsa-content-type-options,<content-type-options>>> element to disable it:
-
-.Content Type Options Disabled with XML
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -210,6 +277,24 @@ Similarly, you can use the <<nsa-content-type-options,<content-type-options>>> e
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+       http {
+            headers {
+                contentTypeOptions {
+                    disable()
+                }
+            }
+        }
+    }
+}
+----
 ====
 
 [[servlet-headers-hsts]]
@@ -217,11 +302,12 @@ Similarly, you can use the <<nsa-content-type-options,<content-type-options>>> e
 
 Spring Security provides the <<headers-hsts,Strict Transport Security>> header by default.
 However, you can customize the results explicitly.
-For example, the following is an example of explicitly providing HSTS with Java Configuration:
+For example, the following is an example of explicitly providing HSTS:
 
-.Strict Transport Security with Java Configuration
+.Strict Transport Security
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -241,14 +327,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
-
-Similarly, you can explicitly provide HSTS with XML configuration using the <<nsa-hsts,<hsts>>> element as shown below:
 
-
-.Strict Transport Security with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -261,17 +342,38 @@ Similarly, you can explicitly provide HSTS with XML configuration using the <<ns
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            headers {
+                httpStrictTransportSecurity {
+                    includeSubDomains = true
+                    preload = true
+                    maxAgeInSeconds = 31536000
+                }
+            }
+        }
+    }
+}
+----
 ====
 
 [[servlet-headers-hpkp]]
 == HTTP Public Key Pinning (HPKP)
 For passivity reasons, Spring Security provides servlet support for <<headers-hpkp,HTTP Public Key Pinning>> but it is <<headers-hpkp-deprecated,no longer recommended>>.
 
-You can enable HPKP headers with Java Configuration:
+You can enable HPKP headers with the following Configuration:
 
-.HTTP Public Key Pinning with Java Configuration
+.HTTP Public Key Pinning
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -291,13 +393,8 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
-
-Similarly you can enable HPKP headers using the <<nsa-hpkp,<hpkp>>> element as shown below:
-
-.HTTP Public Key Pinning with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -314,19 +411,40 @@ Similarly you can enable HPKP headers using the <<nsa-hpkp,<hpkp>>> element as s
 	</headers>
 </http>
 ----
-====
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            headers {
+                httpPublicKeyPinning {
+                    includeSubDomains = true
+                    reportUri = "https://example.net/pkp-report"
+                    pins = mapOf("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=" to "sha256",
+                            "E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=" to "sha256")
+                }
+            }
+        }
+    }
+}
+----
+====
 
 [[servlet-headers-frame-options]]
 == X-Frame-Options
 
 By default, Spring Security disables rendering within an iframe using <<headers-frame-options,X-Frame-Options>>.
 
-You can customize frame options to use the same origin within Java Configuration using the following:
+You can customize frame options to use the same origin within a Configuration using the following:
 
-.X-Frame-Options: SAMEORIGIN with Java Configuration
+.X-Frame-Options: SAMEORIGIN
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -344,13 +462,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
 
-Alternatively, you can use <<nsa-frame-options,frame-options>> element within XML configuration:
-
-.X-Frame-Options: SAMEORIGIN with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -361,19 +475,38 @@ Alternatively, you can use <<nsa-frame-options,frame-options>> element within XM
 	</headers>
 </http>
 ----
-====
 
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            headers {
+                frameOptions {
+                    sameOrigin = true
+                }
+            }
+        }
+    }
+}
+----
+====
+
 [[servlet-headers-xss-protection]]
 == X-XSS-Protection
 
 By default, Spring Security instructs browsers to block reflected XSS attacks using the <<headers-xss-protection,X-XSS-Protection header>.
 However, you can change this default.
-For example, the following Java Configuration specifies that Spring Security should no longer instruct browsers to block the content:
+For example, the following Configuration specifies that Spring Security should no longer instruct browsers to block the content:
 
-.X-XSS-Protection Customization with Java Configuration
+.X-XSS-Protection Customization
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -391,13 +524,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
 
-Similarly, the following XML configuration specifies that Spring Security should no longer instruct browsers to block the content:
-
-.X-XSS-Protection Customization with XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -407,8 +536,26 @@ Similarly, the following XML configuration specifies that Spring Security should
 	</headers>
 </http>
 ----
-====
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        // ...
+        http {
+            headers {
+                xssProtection {
+                    block = false
+                }
+            }
+        }
+    }
+}
+----
+====
 
 [[servlet-headers-csp]]
 == Content Security Policy (CSP)
@@ -426,11 +573,12 @@ Content-Security-Policy: script-src 'self' https://trustedscripts.example.com; o
 ----
 ====
 
-You can enable the CSP header using Java configuration as shown below:
+You can enable the CSP header as shown below:
 
-.Content Security Policy Java Configuration
+.Content Security Policy
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -448,13 +596,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
 
-The same can be done using XML configuration with the <<nsa-content-security-policy,<content-security-policy>>> element as shown below:
-
-.Content Security Policy Java Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -465,13 +609,33 @@ The same can be done using XML configuration with the <<nsa-content-security-pol
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                contentSecurityPolicy {
+                    policyDirectives = "script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/"
+                }
+            }
+        }
+    }
+}
+----
 ====
 
-To enable the CSP `report-only` header, provide the following Java configuration:
+To enable the CSP `report-only` header, provide the following configuration:
 
-.Content Security Policy Report Only Java Configuration
+.Content Security Policy Report Only
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -490,13 +654,9 @@ public class WebSecurityConfig extends
 	}
 }
 ----
-====
-
-The same can be achieved with XML configuration using:
 
-.Content Security Policy XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -508,17 +668,38 @@ The same can be achieved with XML configuration using:
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                contentSecurityPolicy {
+                    policyDirectives = "script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/"
+                    reportOnly = true
+                }
+            }
+        }
+    }
+}
+----
 ====
 
 [[servlet-headers-referrer]]
 == Referrer Policy
 
 Spring Security does not add <<headers-referrer,Referrer Policy>> headers by default.
-You can enable the Referrer Policy header using Java configuration as shown below:
+You can enable the Referrer Policy header using the configuration as shown below:
 
-.Referrer Policy Java Configuration
+.Referrer Policy
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -536,13 +717,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
 
-You can enable the Referrer-Policy header using XML configuration with the <<nsa-referrer-policy,<referrer-policy>>> element as shown below:
-
-.Referrer Policy XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -552,8 +729,26 @@ You can enable the Referrer-Policy header using XML configuration with the <<nsa
 	</headers>
 </http>
 ----
-====
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                referrerPolicy {
+                    policy = ReferrerPolicy.SAME_ORIGIN
+                }
+            }
+        }
+    }
+}
+----
+====
 
 [[servlet-headers-feature]]
 == Feature Policy
@@ -569,11 +764,12 @@ Feature-Policy: geolocation 'self'
 ----
 ====
 
-can enable the Feature Policy header using Java configuration as shown below:
+can enable the Feature Policy header using the configuration shown below:
 
-.Feature-Policy Java Configuration
+.Feature-Policy
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -589,14 +785,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
 
-
-Alternatively, you can enable the Feature-Policy header using XML configuration with the <<nsa-feature-policy,<feature-policy>>> element as shown below:
-
-.Feature-Policy XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -606,6 +797,23 @@ Alternatively, you can enable the Feature-Policy header using XML configuration
 	</headers>
 </http>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                featurePolicy("geolocation 'self'")
+            }
+        }
+    }
+}
+----
 ====
 
 [[servlet-headers-clear-site-data]]
@@ -623,9 +831,10 @@ Clear-Site-Data: "cache", "cookies"
 
 can be sent on log out with the following configuration:
 
-.Clear-Site-Data Java Configuration
+.Clear-Site-Data
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -640,6 +849,23 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            logout {
+                addLogoutHandler(HeaderWriterLogoutHandler(ClearSiteDataHeaderWriter(CACHE, COOKIES)))
+            }
+        }
+    }
+}
+----
 ====
 
 [[servlet-headers-custom]]
@@ -657,11 +883,12 @@ For example, given the following custom security header:
 X-Custom-Security-Header: header-value
 ----
 
-The headers could be added to the response using Java Configuration as shown in the following:
+The headers could be added to the response using the following Configuration:
 
-.StaticHeadersWriter Java Configuration
+.StaticHeadersWriter
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -677,13 +904,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
-
-When using the XML namespace, these headers can be added to the response using the <<nsa-header,<header>>> element as shown below:
 
-.StaticHeadersWriter XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -693,19 +916,36 @@ When using the XML namespace, these headers can be added to the response using t
 	</headers>
 </http>
 ----
-====
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                addHeaderWriter(StaticHeadersWriter("X-Custom-Security-Header","header-value"))
+            }
+        }
+    }
+}
+----
+====
 
 [[servlet-headers-writer]]
 === Headers Writer
 When the namespace or Java configuration does not support the headers you want, you can create a custom `HeadersWriter` instance or even provide a custom implementation of the `HeadersWriter`.
 
 Let's take a look at an example of using an custom instance of `XFrameOptionsHeaderWriter`.
-If you wanted to explicitly configure <<servlet-headers-frame-options>> it could be done with the following Java Configuration:
+If you wanted to explicitly configure <<servlet-headers-frame-options>> it could be done with the following Configuration:
 
-.Headers Writer Java Configuration
+.Headers Writer
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -721,13 +961,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
-
-Alternatively, we could use the <<nsa-header-ref,ref>> attribute for XML based configuration:
 
-.Headers Writer XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -743,6 +979,23 @@ See https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsi
 	class="org.springframework.security.web.header.writers.frameoptions.XFrameOptionsHeaderWriter"
 	c:frameOptionsMode="SAMEORIGIN"/>
 ----
+
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        http {
+            // ...
+            headers {
+                addHeaderWriter(XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN))
+            }
+        }
+    }
+}
+----
 ====
 
 [[headers-delegatingrequestmatcherheaderwriter]]
@@ -756,7 +1009,8 @@ An example of using `DelegatingRequestMatcherHeaderWriter` in Java Configuration
 
 .DelegatingRequestMatcherHeaderWriter Java Configuration
 ====
-[source,java]
+.Java
+[source,java,role="primary"]
 ----
 @EnableWebSecurity
 public class WebSecurityConfig extends
@@ -776,13 +1030,9 @@ WebSecurityConfigurerAdapter {
 	}
 }
 ----
-====
 
-The same can be achieved with XML based configuration:
-
-.DelegatingRequestMatcherHeaderWriter XML Configuration
-====
-[source,xml]
+.XML
+[source,xml,role="secondary"]
 ----
 <http>
 	<!-- ... -->
@@ -805,5 +1055,25 @@ The same can be achieved with XML based configuration:
 	</beans:constructor-arg>
 </beans:bean>
 ----
-====
 
+.Kotlin
+[source,kotlin,role="secondary"]
+----
+@EnableWebSecurity
+class SecurityConfig : WebSecurityConfigurerAdapter() {
+
+    override fun configure(http: HttpSecurity) {
+        val matcher: RequestMatcher = AntPathRequestMatcher("/login")
+        val headerWriter = DelegatingRequestMatcherHeaderWriter(matcher, XFrameOptionsHeaderWriter())
+       http {
+            headers {
+                frameOptions {
+                    disable()
+                }
+                addHeaderWriter(headerWriter)
+            }
+        }
+    }
+}
+----
+====