----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/70155/#review213549 -----------------------------------------------------------
core/src/main/resources/oozie-default.xml Lines 2785 (patched) <https://reviews.apache.org/r/70155/#comment299514> I'd add the unit to the name as suggested by OOZIE-2759 core/src/main/resources/oozie-default.xml Lines 2788 (patched) <https://reviews.apache.org/r/70155/#comment299513> Please add the unit (seconds?) to the description. server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java Lines 53 (patched) <https://reviews.apache.org/r/70155/#comment299515> Please add the unit to the variable name. server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java Line 147 (original), 151 (patched) <https://reviews.apache.org/r/70155/#comment299516> Thanks for the Seconds postfix. server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java Lines 152 (patched) <https://reviews.apache.org/r/70155/#comment299517> Could we extract true and false to meaningful variables? server/src/test/java/org/apache/oozie/server/TestSSLServerConnectorFactory.java Lines 173 (patched) <https://reviews.apache.org/r/70155/#comment299518> Hitchhikers reference. server/src/test/java/org/apache/oozie/server/TestSSLServerConnectorFactory.java Lines 176 (patched) <https://reviews.apache.org/r/70155/#comment299519> Isn't it message, expected, actual order? - Andras Salamon On March 7, 2019, 3:31 p.m., Kinga Marton wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/70155/ > ----------------------------------------------------------- > > (Updated March 7, 2019, 3:31 p.m.) > > > Review request for oozie and Andras Salamon. > > > Repository: oozie-git > > > Description > ------- > > As a security best practice we should add support for HSTS via oozie-site.xml > in case of embedded Jetty. > https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet > http://www.eclipse.org/jetty/documentation/9.3.x/embedded-examples.html - > this page is not available anymore > > https://www.eclipse.org/jetty/documentation/9.4.15.v20190215/embedded-examples.html > > > > Maybe we should even make it enabled by default when SSL is configured. > > > Diffs > ----- > > core/src/main/resources/oozie-default.xml c7f2becaa > docs/src/site/markdown/AG_Install.md 270b98fb0 > server/src/main/java/org/apache/oozie/server/SSLServerConnectorFactory.java > 466cefc2e > > server/src/test/java/org/apache/oozie/server/TestSSLServerConnectorFactory.java > f926a0910 > > > Diff: https://reviews.apache.org/r/70155/diff/1/ > > > Testing > ------- > > Junit + manually tested > > > Thanks, > > Kinga Marton > >