Sobelow.Config.Headers (Sobelow v0.11.1) View Source
Missing Secure HTTP Headers
By default, Phoenix HTTP responses contain a number of secure HTTP headers that attempt to mitigate XSS, click-jacking, and content-sniffing attacks.
Missing Secure HTTP Headers is flagged by
a pipeline accepts "html" requests, but does not implement
Secure Headers checks can be ignored with the following command:
$ mix sobelow -i Config.Headers