Alexey Serbin has uploaded this change for review. ( http://gerrit.cloudera.org:8080/18253
Change subject: [webserver] add HSTS header for HTTPS responses ...................................................................... [webserver] add HSTS header for HTTPS responses With this patch, the embedded Kudu webserver adds the HTTP strict transport security (HSTS) header 'Strict-Transport-Security' with the 'max-age' attribute as specified by a positive value of the --webserver_hsts_max_age_seconds flag for responses sent from HTTPS (i.e. TLS-protected) endpoints. The HSTS header isn't added to the responses sent by plain HTTP. To disable adding the HSTS header for HTTPS responses, set the --webserver_hsts_max_age_seconds flag to zero. A new test added to cover the newly introduced functionality. Change-Id: Id844b9588196b3d608765d0f16f5caec1c414d41 --- M src/kudu/server/webserver-test.cc M src/kudu/server/webserver.cc 2 files changed, 36 insertions(+), 29 deletions(-) git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/53/18253/1 -- To view, visit http://gerrit.cloudera.org:8080/18253 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: newchange Gerrit-Change-Id: Id844b9588196b3d608765d0f16f5caec1c414d41 Gerrit-Change-Number: 18253 Gerrit-PatchSet: 1 Gerrit-Owner: Alexey Serbin <[email protected]>
