diff --git a/apps/frontend/next.config.js b/apps/frontend/next.config.js
index 8244048e..78a61930 100644
--- a/apps/frontend/next.config.js
+++ b/apps/frontend/next.config.js
@@ -1,5 +1,18 @@
 // @ts-check
+const cspHeader = `
+default-src 'self' chrome-extension:;
+script-src 'self' 'unsafe-eval' 'unsafe-inline' chrome-extension:;
+style-src 'self' 'unsafe-inline' chrome-extension:;
+img-src 'self' blob: data: chrome-extension:;
+font-src 'self' chrome-extension:;
+object-src 'none';
+base-uri 'self';
+form-action 'self';
+frame-ancestors 'none';
+upgrade-insecure-requests;
+`;
+
 /** @type {import('next').NextConfig} */
 const nextConfig = {
 experimental: {
@@ -19,6 +32,19 @@ const nextConfig = {
 },
 ],
 },
+async headers() {
+return [
+{
+source: '/(.*)',
+headers: [
+{
+key: 'Content-Security-Policy',
+value: cspHeader.replace(/\n/g, ''),
+},
+],
+},
+];
+},
 async redirects() {
 return [
 {
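Review bot: The script-src directive in cspHeader carries both 'unsafe-eval' and 'unsafe-inline', which lets any injected inline script or eval'd string run and so removes most of the XSS protection a CSP is meant to provide; the policy is applied to every route via `source: '/(.*)'` in the second hunk. If 'unsafe-eval' is only needed for the Next.js development build, gate it on the environment, e.g. `const isDev = process.env.NODE_ENV !== 'production';` and `script-src 'self' ${isDev ? "'unsafe-eval'" : ''} 'unsafe-inline' chrome-extension:;`, and plan a move to per-request nonces or hashes so 'unsafe-inline' can be dropped as well. With no connect-src or frame-src listed, those fall back to `default-src 'self' chrome-extension:`, so any extension origin is permitted for fetches and frames; confirm that is intended. Rolling the header out first as Content-Security-Policy-Report-Only would show what the app actually needs before enforcing it.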