Ping a Specific Port

Question

Manoj Govindan

Asked: 2010-09-27 23:10:29 +0800 CST2010-09-27 23:10:29 +0800 CST 2010-09-27 23:10:29 +0800 CST

How can I add X-Frame-Options selectively using Apache?

772

I am planning to set X-Frame-Options SAMEORIGIN in my server's httpd.conf as part of improving the defenses against click jacking. I understand this will add the X-Frame-Options header to all pages. There is a "widget" page that I would like to exempt from this (other sites will display this page inside an IFRAME).

Is there a way to configure Apache 2 to not send the header for a specific page alone?

2 Answers

Voted

Mark Wagner · Answer 1 · 2010-09-28T10:56:09+08:00

Best Answer

Mark Wagner

2010-09-28T10:56:09+08:002010-09-28T10:56:09+08:00

Yes, use SetEnvIf:

SetEnvIf Request_URI "^/my_awesome_widget_page.html$" iframes_are_cool
Header set X-Frame-Options SAMEORIGIN env=!iframes_are_cool

3

cherdt · Answer 2 · 2016-02-25T13:23:34+08:00

cherdt

2016-02-25T13:23:34+08:002016-02-25T13:23:34+08:00

You can unset the X-Frame-Options header in a .htaccess file (assuming your widget is in its own subdirectory):

Header always unset X-Frame-Options

0

How can I add X-Frame-Options selectively using Apache?

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?