[jira] [Updated] (SPARK-55201) Add option to disable insecure HTTP port when SSL is enabled

ASF GitHub Bot (Jira) Mon, 26 Jan 2026 07:42:20 -0800


     [ 
https://issues.apache.org/jira/browse/SPARK-55201?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


ASF GitHub Bot updated SPARK-55201:
-----------------------------------
    Labels: pull-request-available  (was: )

> Add option to disable insecure HTTP port when SSL is enabled
> ------------------------------------------------------------
>
>                 Key: SPARK-55201
>                 URL: https://issues.apache.org/jira/browse/SPARK-55201
>             Project: Spark
>          Issue Type: Task
>          Components: Spark Core, Web UI
>    Affects Versions: 4.2.0
>            Reporter: Daniel Ay
>            Priority: Minor
>              Labels: pull-request-available
>
> Currently, when SSL/TLS is enabled for Spark Web UIs (History Server, Master, 
> Worker), Spark still binds to an insecure HTTP port to provide redirection. 
> These open ports are flagged as a vulnerability by security scanners.
> We should introduce a new configuration to allow Spark to skip binding the 
> HTTP port entirely when HTTPS is active.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (SPARK-55201) Add option to disable insecure HTTP port when SSL is enabled

Reply via email to