Github user dongjoon-hyun commented on a diff in the pull request: https://github.com/apache/spark/pull/19419#discussion_r143048963 --- Diff: core/src/main/scala/org/apache/spark/ui/JettyUtils.scala --- @@ -89,6 +92,15 @@ private[spark] object JettyUtils extends Logging { val result = servletParams.responder(request) response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate") response.setHeader("X-Frame-Options", xFrameOptionsValue) + if (xXssProtectionValue.isDefined) { + response.setHeader("X-XSS-Protection", xXssProtectionValue.get) + } + if (xContentTypeOptionsValue.isDefined) { + response.setHeader("X-Content-Type-Options", xContentTypeOptionsValue.get) + } + if (strictTransportSecurityValue.isDefined) { + response.setHeader("Strict-Transport-Security", strictTransportSecurityValue.get) + } --- End diff -- Can we simplify line 95~103 into the following? ```scala xXssProtectionValue.foreach(response.setHeader("X-XSS-Protection", _)) xContentTypeOptionsValue.foreach(response.setHeader("X-Content-Type-Options", _)) strictTransportSecurityValue.foreach(response.setHeader("Strict-Transport-Security", _)) ```
--- --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org