diff --git a/cdap-common/src/main/resources/cdap-default.xml b/cdap-common/src/main/resources/cdap-default.xml
index 07bfa9fbe2d2..e21275379e63 100644
--- a/cdap-common/src/main/resources/cdap-default.xml
+++ b/cdap-common/src/main/resources/cdap-default.xml
@@ -6020,4 +6020,36 @@
+
+ hsts.enabled
+ false
+
+ Whether to enable HSTS settings on UI node server.
+
+
+
+
+ hsts.max.age
+ 31536000
+
+ The number of seconds browsers should remember to prefer HTTPS.
+
+
+
+
+ hsts.include.sub.domains
+ true
+
+ Whether to include the includeSubDomains directive, which makes this policy extend to subdomains.
+
+
+
+
+ hsts.preload
+ true
+
+ Adds the preload directive, expressing intent to add your HSTS policy to browsers.
+
+
+
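Review bot: The defaults for `hsts.include.sub.domains` and `hsts.preload` are both `true`, so an operator who only flips `hsts.enabled` gets a one-year policy carrying `includeSubDomains; preload`, which extends to every subdomain of the UI host and is slow to undo once browsers have cached it or the domain has been submitted to a preload list. I would default both to `false` so they are explicit opt-ins, keeping `hsts.max.age` at `31536000`. The descriptions should also carry the operational caveat, for example appending `Only enable if every subdomain is served over HTTPS; browsers keep the policy until max-age expires.` to the `hsts.include.sub.domains` text, and noting on `hsts.enabled` that browsers honour the header only on HTTPS responses, so it has no effect unless SSL is enabled for the UI. The property markup is not visible in this rendering, so this is based on the names, values and descriptions alone.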