diff --git a/.github/cfp_headers b/.github/cfp_headers
index 4a1d4d441a..5eb050e228 100644
--- a/.github/cfp_headers
+++ b/.github/cfp_headers
@@ -2,6 +2,8 @@
   ! Access-Control-Allow-Origin
   X-XSS-Protection: 1; mode=block
   X-Content-Type-Options: nosniff
+  X-Frame-Options: SAMEORIGIN
+  Content-Security-Policy: frame-ancestors 'self'
   Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
 
 /version