We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using the plug ContentSecurityPolicy.Plug.Setup was causing Sobelow to still complain.
plug ContentSecurityPolicy.Plug.Setup
So I did this to fix it:
@content_security_policy %ContentSecurityPolicy.Policy{ default_src: [ "'unsafe-inline'", "'unsafe-eval'", "'self'", "https://cdnjs.cloudflare.com", "https://cdn.skypack.dev", "https://res.cloudinary.com" ] } pipeline :browser do ... plug(:put_secure_browser_headers, %{"content-security-policy" => ContentSecurityPolicy.serialize(@content_security_policy)}) ... end
Not sure if there is a better way?
The text was updated successfully, but these errors were encountered:
you could set the option to %{"content-security-policy" => ""} then put the plug after, but I'm not sure if that counts as better :)
%{"content-security-policy" => ""}
Sorry, something went wrong.
No branches or pull requests
Using the
plug ContentSecurityPolicy.Plug.Setup
was causing Sobelow to still complain.So I did this to fix it:
Not sure if there is a better way?
The text was updated successfully, but these errors were encountered: