Conditional X-Frame-Options


I am trying to set X-Frame-Options for all pages except all pages of this path: ^/mypath/
Whatever I have tried it won't work.
For example, using the below code in my .htaccess I always end up with "deny" - even if I switch my condition check from !~ to =~ I still get "deny" for the pages under /mypath/

I have tried many different regex checks but had no success so far.

<IfModule mod_headers.c>
   <If "%{REQUEST_URI} !~ m#^/mypath/#">
      Header set X-Frame-Options "sameorigin"
      Header set X-Frame-Options "deny"

   # Header always set X-Frame-Options "sameorigin" "expr=%{REQUEST_URI} =~ m#^/mypath/$#"
Could someone advise how to achieve that?
And also could also propose a conditional check for setting my Header when in my url I have a query parameter like:
Last edited by a moderator:

thanks for the prompt response. It helped.
I had to adjust it like this in order to make it work. Snippet below is enhanced also with the query_string check:

    RewriteCond %{REQUEST_URI}  ^/mypath/
    RewriteCond %{QUERY_STRING} foo=bar
    RewriteRule - [E=SAME:1]
    Header set X-Frame-Options "deny"
    Header set X-Frame-Options "sameorigin"  env=SAME
Best wishes for the Season Holidays and the new Year to all!