I want to allow iframe for site only on a specific sites
I cat to make this:
Header set Content-Security-Policy "frame-ancestors 'self' http://myorigin.com"But it will be shown in browser response header.I try to hide it from headers:
<If "%{HTTP_HOST} != 'myorigin.com'"> Header set Content-Security-Policy "frame-ancestors 'self'"</If>But it's not workingCan someone help please?