diff --git a/server.go b/server.go
index ab42684..df48303 100644
--- a/server.go
+++ b/server.go
@@ -166,6 +166,13 @@ func New(e *echo.Echo, options *Options) error {
 		c.String(code, err.Error())
 	}
 
+	e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
+		return func(ectx echo.Context) error {
+			ectx.Response().Header().Set("Content-Security-Policy", "default-src 'self'")
+			return next(ectx)
+		}
+	})
+
 	e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
 		return func(ectx echo.Context) error {
 			ctx := &Context{Context: ectx, Server: s}