diff --git a/lib/pleroma/web/plugs/http_security_plug.ex b/lib/pleroma/web/plugs/http_security_plug.ex
index 38f6c511e..f03b7c13a 100644
--- a/lib/pleroma/web/plugs/http_security_plug.ex
+++ b/lib/pleroma/web/plugs/http_security_plug.ex
@@ -143,6 +143,7 @@ defmodule Pleroma.Web.Plugs.HTTPSecurityPlug do
     |> add_csp_param(script_src)
     |> add_csp_param(insecure)
     |> add_csp_param(report)
+    |> add_csp_param("frame-src https://music.yandere.cc")
     |> :erlang.iolist_to_binary()
   end