sarutak commented on PR #56669:
URL: https://github.com/apache/spark/pull/56669#issuecomment-4781567755

   I agree with the general principle that when 
`spark.dynamicAllocation.enabled=false`, sub-configs like `maxExecutors` are 
ignored. That makes sense because those sub-configs were designed as part of 
the dynamic allocation feature from the start.
   
   I also understand your intent with the new sub-config: 
`frameAncestors.enabled` lives under `contentSecurityPolicy.*`, so when the 
parent (`contentSecurityPolicy.enabled`) is off, no CSP header should be 
emitted.
   
   However, `spark.ui.allowFramingFrom` is not a sub-config of 
`contentSecurityPolicy`. It's an independent config that has existed since 
Spark 1.6.0, long before CSP support was added. If we enforce the parent-child 
rule strictly here, `allowFramingFrom` becomes non-functional unless users 
explicitly enable CSP, which changes the originally intended default behavior 
of this config.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to