diff --git a/templates/base.php b/templates/base.php
index a47277e..6e61fbf 100644
--- a/templates/base.php
+++ b/templates/base.php
@@ -16,6 +16,7 @@
 ##
 $web_config = $this->get('web_config');
 header('X-Frame-Options: DENY');
+header("Content-Security-Policy: default-src 'self'");
 ?>
 <!DOCTYPE html>
 <meta charset="utf-8"/>