From c9889ac977ad1b7fcd64c300c7b77f9b6fa2a6a6 Mon Sep 17 00:00:00 2001
From: Sumeng Wang <sumengwang@google.com>
Date: Fri, 4 Aug 2023 10:02:24 -0700
Subject: [PATCH] add hsts default values in cdap-default.xml

---
 .../src/main/resources/cdap-default.xml       | 32 +++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/cdap-common/src/main/resources/cdap-default.xml b/cdap-common/src/main/resources/cdap-default.xml
index 07bfa9fbe2d2..e21275379e63 100644
--- a/cdap-common/src/main/resources/cdap-default.xml
+++ b/cdap-common/src/main/resources/cdap-default.xml
@@ -6020,4 +6020,36 @@
     </description>
   </property>
 
+  <property>
+    <name>hsts.enabled</name>
+    <value>false</value>
+    <description>
+      Whether to enable HSTS settings on UI node server.
+    </description>
+  </property>
+
+  <property>
+    <name>hsts.max.age</name>
+    <value>31536000</value>
+    <description>
+      The number of seconds browsers should remember to prefer HTTPS.
+    </description>
+  </property>
+
+  <property>
+    <name>hsts.include.sub.domains</name>
+    <value>true</value>
+    <description>
+      Whether to include the includeSubDomains directive, which makes this policy extend to subdomains.
+    </description>
+  </property>
+
+  <property>
+    <name>hsts.preload</name>
+    <value>true</value>
+    <description>
+      Adds the preload directive, expressing intent to add your HSTS policy to browsers.
+    </description>
+  </property>
+
 </configuration>