diff --git a/src/Icons/Startup.cs b/src/Icons/Startup.cs
index 2a7f83e13..4695c320e 100644
--- a/src/Icons/Startup.cs
+++ b/src/Icons/Startup.cs
@@ -78,6 +78,9 @@ public class Startup
                 Public = true,
                 MaxAge = TimeSpan.FromDays(7)
             };
+
+            context.Response.Headers.Append("Content-Security-Policy", "default-src 'self'; script-src 'none'");
+
             await next();
         });