Configuring HSTS for Spark
You can configure Apache Spark to include HTTP headers to prevent Cross-Site Scripting (XSS), Cross-Frame Scripting (XFS), MIME-Sniffing, and also enforce HTTP Strict Transport Security (HSTS).
- Go to the Spark service.
- Click the Configuration tab.
- Select History Server under Scope.
- Select Advanced under Category.
Set the following HSTS credentials in History Server Advanced
Configuration Snippet (Safety Valve) for
- Restart the Spark service.