diff --git a/pkgs/server/api-ctx.ts b/pkgs/server/api-ctx.ts
index b1aaa64..4461ca9 100644
--- a/pkgs/server/api-ctx.ts
+++ b/pkgs/server/api-ctx.ts
@@ -139,5 +139,7 @@ export const createResponse = (
     "max-age=31536000; includeSubDomains; preload"
   );
 
+  res.headers.append("X-Frame-Options", "SAMEORIGIN");
+
   return res;
 };