Skip to content

Instantly share code, notes, and snippets.

Last active Mar 9, 2016
What would you like to do?
Set X-Frame-Options SAMEORIGIN for all files but not for /embed/ files.
<IfModule mod_setenvif.c>
SetEnvIf Request_URI "/embed/$" IS_embed
Header set X-Frame-Options SAMEORIGIN env=!REDIRECT_IS_embed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment