Please provide support to utilize HSTS headers directly from Bitbucket's container Tomcat/Springboot.
The HSTS is an IETF draft standard being developed by Google. It has a number of existing supported browsers like Firefox4 and Chrome (though I note both these are unsupported browsers). http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
A sample HTTP configuration is here and the HTTPS would involve the same "Header Always set" directive in the Apache HTTPS virtual host (though strictly "Always" isn't required except on HTTP):