Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/18253 )
Change subject: [webserver] add HSTS header for HTTPS responses ...................................................................... Patch Set 2: Code-Review+1 (3 comments) Thanks for addressing this! http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc File src/kudu/server/webserver.cc: http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc@93 PS2, Line 93: 31536000 nit: maybe 365 * 24 * 60 * 60 is also more easily verifiable? http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc@94 PS2, Line 94: This is to enforce nit: maybe describe what the value is? Maybe something like: The time, in seconds, that a browser should remember that the webserver can only to be accessed using HTTPS. (just looking at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc@98 PS2, Line 98: g nit: is set -- To view, visit http://gerrit.cloudera.org:8080/18253 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Id844b9588196b3d608765d0f16f5caec1c414d41 Gerrit-Change-Number: 18253 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <aser...@cloudera.com> Gerrit-Reviewer: Abhishek Chennaka <achenn...@cloudera.com> Gerrit-Reviewer: Andrew Wong <aw...@cloudera.com> Gerrit-Reviewer: Attila Bukor <abu...@apache.org> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Fri, 18 Feb 2022 06:16:23 +0000 Gerrit-HasComments: Yes