diff --git a/compose.yml b/compose.yml
index efbfa5d..8f3ec9e 100644
--- a/compose.yml
+++ b/compose.yml
@@ -80,6 +80,11 @@ services:
       - "traefik.enable=true"
       - "traefik.http.routers.neah-keycloak.rule=Host(`${KEYCLOAK_HOST}.${MAIN_DOMAIN}`)"
       - "traefik.http.services.neah-keycloak.loadbalancer.server.port=8080"
+      # Middleware pour les en-têtes CSP
+      - "traefik.http.middlewares.keycloak-headers.headers.customResponseHeaders.Content-Security-Policy=frame-ancestors 'self' http://${MAIN_DOMAIN} http://localhost:3000"
+      - "traefik.http.middlewares.keycloak-headers.headers.customResponseHeaders.X-Frame-Options=ALLOWALL"
+      # Application du middleware au routeur
+      - "traefik.http.routers.neah-keycloak.middlewares=keycloak-headers"
     volumes:
       - keycloak_data:/opt/keycloak/data
     networks: