[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-03-10。"],[[["Identity-Aware Proxy (IAP) resources can be secured by using the hostname and path of a request URL, allowing for granular access control based on these URL components."],["IAP normalizes both hostname and path strings to remove ambiguity, performing two policy checks for non-normalized paths to ensure access is granted only if both checks pass."],["Hostname normalization involves removing trailing dots, lowercasing characters, converting to ASCII, and using Punycode for non-ASCII characters, which is crucial for matching policies correctly."],["Path normalization includes removing path parameters and resolving relative paths to their absolute equivalents, with requests containing `..;` being considered invalid and resulting in a `HTTP 400` error."],["Using `request.host.endsWith(\".google.com\")` will limit your policy to only subdomains that end with `google.com` while using `request.host.endsWith(\"google.com\")` will match to both subdomains and domains that contain `google.com`."]]],[]]