I added the application to be started in mix.exs (even though I believe it's not necessary anymore with the latest versions of elixir)
I added the plug in the router
Just leaving the default configuration, the headers are not set properly
If I set it explicitely in the router with (for example)
plug(SecureHeaders, secure_headers: [config: [content_security_policy: "require-sri-for script;"]])
I get the following message in the console
The Content-Security-Policy directive 'require-sri-for' is implemented behind a flag which is currently disabled.
I am using latest version on master I added this in my config.exs
I added the application to be started in mix.exs (even though I believe it's not necessary anymore with the latest versions of elixir)
I added the plug in the router
Just leaving the default configuration, the headers are not set properly
If I set it explicitely in the router with (for example)
plug(SecureHeaders, secure_headers: [config: [content_security_policy: "require-sri-for script;"]])
I get the following message in the consoleThe Content-Security-Policy directive 'require-sri-for' is implemented behind a flag which is currently disabled.
Any pointers on how to make this work ?