diff --git a/conf/nginx.conf b/conf/nginx.conf
index d225572..19e417c 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -10,5 +10,6 @@ location ^~ __PATH__/ {
   proxy_redirect    off;
   proxy_set_header  Host $host;
   proxy_set_header  X-Real-IP $remote_addr;
-  add_header X-Frame-Options "ALLOW-FROM https://__NEXTCLOUDDOMAIN__" always;
-}
\ No newline at end of file
+  more_set_headers "X-Frame-Options: ALLOW-FROM https://__NEXTCLOUDDOMAIN__";
+  add_header Content-Security-Policy "frame-ancestors __NEXTCLOUDDOMAIN__" always;
+}