I need some help with my .htaccess.

I want this lines only execute if the url is not /wp-admin.

Header add Content-Security-Policy "default-src 'self';"
Header add Content-Security-Policy "script-src 'self';"

My idea was something like this:

<If "%{REQUEST_URI} !^/wp-admin">
    
</If>
<Else>
Header add Content-Security-Policy "default-src 'self';"
Header add Content-Security-Policy "script-src 'self';"
</Else>

Maybe it would be nice if a loggedin user is on the website that the lines also not be executed.

Thank you for the help.