diff --git a/volumes/conf.d/code.zinomedia.de.conf b/volumes/conf.d/code.zinomedia.de.conf
index 20713e9..53e8c05 100644
--- a/volumes/conf.d/code.zinomedia.de.conf
+++ b/volumes/conf.d/code.zinomedia.de.conf
@@ -18,14 +18,15 @@ server {
     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
     add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always;
 
-    include "snippets/enable-vouch.conf"; 
+    include "snippets/enable-vouch.conf";
 
     location / {
-        proxy_set_header Sec-Fetch-Site none;
+        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always;
+
         resolver 127.0.0.11;
         set $upstream "code-server:8443";
 
-        
+
         #proxy_http_version 1.1;
         #proxy_set_header Host $host;
         proxy_set_header Upgrade $http_upgrade;
@@ -38,7 +39,7 @@ server {
         proxy_pass http://$upstream;
     }
 
-     
+
 }
 
 server {