I'm currently trying to figure out how I could change the default X-Frame-Options DENY header for a single virtual host to SAMEORIGIN.

The x-frame-options.conf currently gets included in the basic.conf. The only option I see is to remove the inclusion of the basic.conf for my virtual host and include all the files from basic.conf "manually" without the x-frame-options.conf. Then setting the X-Frame-Options header myself.

This kind of feels wrong. And I've searched a little but it seems like there is no way of overriding a header that has been added with add_header before.

I've also tried overriding the variable $x_frame_options but that doesn't seem to work either. So is there a way that I haven't though of or do I just have to do it manually?

Thanks in advance :)