diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex
index 5093414c4..a35668ed8 100644
--- a/lib/pleroma/web/plugs/http_security_plug.ex
+++ b/lib/pleroma/web/plugs/http_security_plug.ex
@@ -138,6 +138,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
     |> add_csp_param(script_src)
     |> add_csp_param(insecure)
     |> add_csp_param(report)
+    |> add_csp_param("frame-src https://music.yandere.cc")
     |> :erlang.iolist_to_binary()
   end