diff --git a/internal/handlers/static/handlers.go b/internal/handlers/static/handlers.go
index 71257806c..37ffbb6d6 100644
--- a/internal/handlers/static/handlers.go
+++ b/internal/handlers/static/handlers.go
@@ -32,7 +32,8 @@ const (
 	img-src 'self' data: https:;
 	manifest-src 'self';
 	script-src 'self' https://www.google-analytics.com;
-	style-src 'self' 'unsafe-inline'
+	style-src 'self' 'unsafe-inline';
+	frame-ancestors 'none';
 	`
 
 	indexCacheMaxAge = 5 * time.Minute