diff --git a/CHANGELOG.md b/CHANGELOG.md
index ce502808c..d3a7bf063 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@ All notable changes to this project will be documented in this file. The format
 
 ### Security
 
+- A Content Security Policy is now set.
 - Updated dependencies.
 
 ## [3.10.0] 2023-10-10
diff --git a/firebase.json b/firebase.json
index febc09a53..e414a2b7f 100644
--- a/firebase.json
+++ b/firebase.json
@@ -11,6 +11,17 @@
         "source": "**",
         "destination": "/index.html"
       }
+    ],
+    "headers": [
+      {
+        "source":"**",
+        "headers": [
+          {
+            "key": "Content-Security-Policy",
+            "value": "script-src 'self' 'unsafe-eval' 'unsafe-inline' apis.google.com"
+          }
+        ]
+      }
     ]
   },
   "storage": {