Instantly share code, notes, and snippets.

@sergejmueller sergejmueller/.htaccess
Last active Mar 9, 2016

Embed
What would you like to do?
Set X-Frame-Options SAMEORIGIN for all files but not for /embed/ files.
<IfModule mod_setenvif.c>
SetEnvIf Request_URI "/embed/$" IS_embed
Header set X-Frame-Options SAMEORIGIN env=!REDIRECT_IS_embed
</IfModule>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment