diff --git a/src/org/openbravo/dal/core/DalRequestFilter.java b/src/org/openbravo/dal/core/DalRequestFilter.java
index 5859e9cc7b..059a558e3c 100644
--- a/src/org/openbravo/dal/core/DalRequestFilter.java
+++ b/src/org/openbravo/dal/core/DalRequestFilter.java
@@ -28,6 +28,7 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
@@ -77,6 +78,9 @@ public class DalRequestFilter implements Filter {
   @Override
   public void doFilter(final ServletRequest request, final ServletResponse response,
       final FilterChain chain) throws IOException, ServletException {
+    if (response instanceof HttpServletResponse) {
+      ((HttpServletResponse) response).setHeader("Content-Security-Policy", "script-src 'self'");
+    }
     final DalThreadHandler dth = new DalThreadHandler() {
 
       @Override