diff --git a/app/templates/layout/default.php b/app/templates/layout/default.php
index 8a8628603..1097c650b 100644
--- a/app/templates/layout/default.php
+++ b/app/templates/layout/default.php
@@ -31,6 +31,7 @@
 header("Expires: Thursday, 10-Jan-69 00:00:00 GMT");
 header("Cache-Control: no-store, no-cache, max-age=0, must-revalidate");
 header("Pragma: no-cache");
+header("Content-Security-Policy: frame-ancestors 'self'");
 // Add X-UA-Compatible header for IE
 if(isset($_SERVER['HTTP_USER_AGENT']) && (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false)) {
diff --git a/app/templates/layout/error.php b/app/templates/layout/error.php
index 747ad0331..5c0630f3a 100644
--- a/app/templates/layout/error.php
+++ b/app/templates/layout/error.php
@@ -12,6 +12,8 @@
 * @since 0.10.0
 * @license https://opensource.org/licenses/mit-license.php MIT License
 */
+
+ header("Content-Security-Policy: frame-ancestors 'self'");
 ?>
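Review bot: Internet Explorer does not implement the CSP `frame-ancestors` directive, so the header added after the `Pragma` line in default.php leaves the clients that the `MSIE` check just below still caters for open to cross-origin framing. Sending `header("X-Frame-Options: SAMEORIGIN");` alongside it covers those browsers, and the same applies to the line added in error.php. Because the policy is emitted from two layout templates, any response that does not render through them (another layout, a JSON or redirect response) presumably goes out without it; setting it once in middleware or at the web server would be more reliable, which is worth confirming against the rest of the app. Note also that `header()` replaces a same-named header set earlier by PHP, so a fuller `Content-Security-Policy` added elsewhere later would be overwritten by these calls.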