diff --git a/lib/livebook_web/router.ex b/lib/livebook_web/router.ex
index acfaf71ae..f54d22694 100644
--- a/lib/livebook_web/router.ex
+++ b/lib/livebook_web/router.ex
@@ -178,7 +178,9 @@ defmodule LivebookWeb.Router do
 defp within_iframe_secure_headers(conn, _opts) do
 if Livebook.Config.within_iframe?() do
- delete_resp_header(conn, "x-frame-options")
+ [value] = get_resp_header(conn, "content-security-policy")
+ value = String.replace(value, "frame-ancestors 'self';", "frame-ancestors *;")
+ put_resp_header(conn, "content-security-policy", value)
 else
 conn
 end
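Review bot: The added `[value] = get_resp_header(conn, "content-security-policy")` raises a MatchError unless exactly one CSP header is already on the response, so with `within_iframe?` enabled this plug depends on running after whatever sets that header, which is not visible in this hunk. The `String.replace/3` on the next line is tied to the exact literal `frame-ancestors 'self';`; if the policy string defined elsewhere is reworded, the replace silently does nothing and the response keeps `'self'`, which fails closed but breaks embedding with no signal. I would document both couplings above the match, for example `# Requires the CSP header set earlier in the pipeline to contain "frame-ancestors 'self';"`, and cover the rewritten header value with a test. Since `frame-ancestors *` allows framing from any origin, clickjacking protection is fully off in this mode, and because the `delete_resp_header(conn, "x-frame-options")` call is gone it is worth confirming that header is no longer emitted upstream. The function's closing `end` lies outside the hunk.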