Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/18253 )
Change subject: [webserver] add HSTS header for HTTPS responses ...................................................................... Patch Set 2: (2 comments) http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc File src/kudu/server/webserver.cc: http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc@93 PS2, Line 93: 31536000 > I don't know if this feature makes any sense for Kudu, but either way, I do I guess you meant it should be disabled by default, right? Done -- changed to -1 for the default. http://gerrit.cloudera.org:8080/#/c/18253/2/src/kudu/server/webserver.cc@694 PS2, Line 694: if (IsSecure() && FLAGS_webserver_hsts_max_age_seconds > 0) { > HSTS specifies that a value of 0 effectively disables HSTS, so it should be That's a good point. Done. -- To view, visit http://gerrit.cloudera.org:8080/18253 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Id844b9588196b3d608765d0f16f5caec1c414d41 Gerrit-Change-Number: 18253 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Abhishek Chennaka <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Fri, 18 Feb 2022 08:28:18 +0000 Gerrit-HasComments: Yes
