Apache AllowOverrides All but not x-frame-options

Rookie, learning basic Apache directives on the fly here.

CONTEXT: using htaccess overrides to apache in order to allow specific URLs the permission to iframe one of my sites. Those URLs being a few of my trusted customers.

Server admin set apache to “AllowOvverides All”
Server admin set X-frame-options SAMEORIGIN
htaccess file contains a directive for “Header always append X-Frame-Options http://www.example.com

a test iFrame within my same site (SAMEORIGIN) works.
the override that allows an outside site throws an error (conflicts) in my Console. Apache honors the server setting of SAMEORIGIN.

I’m seeing that AllowOverrides All is misleading in that the “all” part is really not true.
So, how do I get AllowOverrides to honor my x-frame-option?
what else can I do to get some directive through to Apache?

Thanks for any insights!

Instead of putting the directive in an htaccess, try putting it in the httpd.conf file instead?

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.