Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@srowen @rxin Made changes to enable the X-Content-Type-Options and
X-XSS-Protection values by default. Please review
Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@rxin , @srowen I think we can enable X-XSS-Protection and
X-Content-Type-Options response header by default. STS Header can be left
configurable or enabled by default when Spark UI
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144880059
--- Diff: docs/security.md ---
@@ -186,7 +186,54 @@ configure those ports.
+### HTTP Security Headers
+
+Apache Spark
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144787904
--- Diff: docs/security.md ---
@@ -186,7 +186,54 @@ configure those ports.
+### HTTP Security Headers
+
+Apache Spark
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144768513
--- Diff: docs/configuration.md ---
@@ -2013,7 +2013,6 @@ Apart from these, the following properties are also
available, and may be useful
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144768206
--- Diff: docs/security.md ---
@@ -186,7 +186,52 @@ configure those ports.
+### HTTP Security Headers
+
+Apache Spark
Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@jerryshao removed Whitespace at end of line 440 in package.scala. ok to
test.
---
-
To unsubscribe, e-mail: reviews
Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@srowen @tgravescs @dongjoon-hyun @jerryshao
Please review the PR. I have incorporated all changes as suggested
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144565082
--- Diff:
core/src/main/scala/org/apache/spark/internal/config/package.scala ---
@@ -420,6 +420,25 @@ package object config {
.toSequence
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144495051
--- Diff: docs/configuration.md ---
@@ -2013,7 +2013,62 @@ Apart from these, the following properties are also
available, and may be useful
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144495102
--- Diff: docs/configuration.md ---
@@ -2013,7 +2013,62 @@ Apart from these, the following properties are also
available, and may be useful
Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@tgravescs These generic headers are about providing available client-side
protection for the application. I also think even if there is no sensitive data
to formulate an attack by itself
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144348004
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -89,6 +92,13 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144281816
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -89,6 +92,9 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144262853
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -79,6 +79,9 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144262264
--- Diff: conf/spark-defaults.conf.template ---
@@ -25,3 +25,10 @@
# spark.serializer
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r144204531
--- Diff: conf/spark-defaults.conf.template ---
@@ -25,3 +25,10 @@
# spark.serializer
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r143427428
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -89,6 +92,9 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@dongjoon-hyun Made the changes as suggested.
---
-
To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org
Github user krishna-pandey commented on the issue:
https://github.com/apache/spark/pull/19419
@dongjoon-hyun Thanks for the review. Made the changes as suggested.
---
-
To unsubscribe, e-mail: reviews-unsubscr
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142708896
--- Diff: conf/spark-defaults.conf.template ---
@@ -19,9 +19,16 @@
# This is useful for setting default environmental settings
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142701588
--- Diff: conf/spark-defaults.conf.template ---
@@ -19,9 +19,16 @@
# This is useful for setting default environmental settings
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142578623
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -89,6 +92,9 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142578622
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -89,6 +92,9 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142446016
--- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala ---
@@ -89,6 +92,9 @@ private[spark] object JettyUtils extends Logging
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142445649
--- Diff: conf/spark-defaults.conf.template ---
@@ -19,9 +19,16 @@
# This is useful for setting default environmental settings
Github user krishna-pandey commented on a diff in the pull request:
https://github.com/apache/spark/pull/19419#discussion_r142442356
--- Diff: conf/spark-defaults.conf.template ---
@@ -19,9 +19,16 @@
# This is useful for setting default environmental settings
GitHub user krishna-pandey opened a pull request:
https://github.com/apache/spark/pull/19419
Adding security headers for preventing XSS, MitM and MIME sniffing
## What changes were proposed in this pull request?
The HTTP Strict-Transport-Security response header (often
28 matches
Mail list logo