gon250/gist:2664b477a86e9df187d1

## gistfile1.txt
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            var siteId = this._siteDataProvider.GetSiteId(context.HttpContext.Request.Url.Host);
            HttpResponseBase response = context.HttpContext.Response;
            string userAgent = context.HttpContext.Request.UserAgent;
            if (userAgent.Contains("MSIE 8") || userAgent.Contains("MSIE 9"))
            {
                switch (siteId)
                {
                    case (int)SiteEnum.A:
                        response.AppendHeader("X-Frame-Options", "ALLOW-FROM http://A.ie/");
                        break;
                    case (int)SiteEnum.B:
                        response.AppendHeader("X-Frame-Options", "ALLOW-FROM http://www.B.ie/");
                        break;
                    case (int)SiteEnum.C:
                        response.AppendHeader("X-Frame-Options", "ALLOW-FROM https://www.C.com/");
                        break;
                    default:
                        throw new ArgumentOutOfRangeException("The domain is not a valid site URL");
                }
            }
            else
            {
                response.AppendHeader("Content-Security-Policy", "frame-ancestors 'self' *.A.ie *.B.com *.C.ie ;");
            }
        }
	public override void OnActionExecuting(ActionExecutingContext context)
	{
	var siteId = this._siteDataProvider.GetSiteId(context.HttpContext.Request.Url.Host);
	HttpResponseBase response = context.HttpContext.Response;
	string userAgent = context.HttpContext.Request.UserAgent;
	if (userAgent.Contains("MSIE 8") \|\| userAgent.Contains("MSIE 9"))
	{
	switch (siteId)
	{
	case (int)SiteEnum.A:
	response.AppendHeader("X-Frame-Options", "ALLOW-FROM http://A.ie/");
	break;
	case (int)SiteEnum.B:
	response.AppendHeader("X-Frame-Options", "ALLOW-FROM http://www.B.ie/");
	break;
	case (int)SiteEnum.C:
	response.AppendHeader("X-Frame-Options", "ALLOW-FROM https://www.C.com/");
	break;
	default:
	throw new ArgumentOutOfRangeException("The domain is not a valid site URL");
	}
	}
	else
	{
	response.AppendHeader("Content-Security-Policy", "frame-ancestors 'self' .A.ie .B.com *.C.ie ;");
	}
	}