diff --git a/netlify.toml b/netlify.toml
index cfff5c1..b05ed10 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -1,14 +1,3 @@
 [context.production]
   publish = "public"
   command = "npm run snyk && npm run hexo"
-
-[[headers]]
-  for = "/*"
-  [headers.value]
-    X-Frame-Options = "DENY"
-    X-XSS-Protection = "1; mode=block"
-    X-Content-Type-Options = "nosniff"
-    Content-Security-Policy = "default-src 'self'; child-src 'none'; connect-src 'none'; font-src 'none'; frame-src 'none'; img-src https: 'self'; manifest-src 'none'; media-src 'none'; object-src 'none'; prefetch-src 'none'; script-src https://cdnjs.cloudflare.com 'self'; style-src https://cdnjs.cloudflare.com 'self'; worker-src 'none'; base-uri 'none'; form-action 'none'; block-all-mixed-content; frame-ancestors 'none';"
-    Referrer-Policy = "no-referrer"
-    Strict-Transport-Security = "max-age=31536000"
-    Feature-Policy = "accelerometer 'none'; autoplay 'none'; camera 'none'; document.domain 'none'; display-capture 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; sync-xhr 'none'; usb 'none'"
\ No newline at end of file
diff --git a/source/_headers b/source/_headers
index e7b5a01..060e929 100644
--- a/source/_headers
+++ b/source/_headers
@@ -2,3 +2,7 @@
   X-Frame-Options: DENY
   X-XSS-Protection: 1; mode=block
   X-Content-Type-Options: nosniff
+  Content-Security-Policy: default-src 'self'; child-src 'none'; connect-src 'none'; font-src 'none'; frame-src 'none'; img-src https: 'self'; manifest-src 'none'; media-src 'none'; object-src 'none'; prefetch-src 'none'; script-src https://cdnjs.cloudflare.com 'self'; style-src https://cdnjs.cloudflare.com 'self'; worker-src 'none'; base-uri 'none'; form-action 'none'; block-all-mixed-content; frame-ancestors 'none'
+  Referrer-Policy: no-referrer
+  Strict-Transport-Security: max-age=31536000
+  Feature-Policy: accelerometer 'none'; autoplay 'none'; camera 'none'; document.domain 'none'; display-capture 'none'; encrypted-media 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; sync-xhr 'none'; usb 'none'
\ No newline at end of file
diff --git a/themes/typing/layout/_partial/head.ejs b/themes/typing/layout/_partial/head.ejs
index 192b3b3..137904e 100644
--- a/themes/typing/layout/_partial/head.ejs
+++ b/themes/typing/layout/_partial/head.ejs
@@ -2,8 +2,6 @@
 <html lang="<%= theme.language %>">
 <head>
   <meta charset="utf-8">
-  <%/* CSP */%>
-  <meta http-equiv="Content-Security-Policy" content="default-src 'self'; child-src 'none'; connect-src 'none'; font-src 'none'; frame-src 'none'; img-src https: 'self'; manifest-src 'none'; media-src 'none'; object-src 'none'; prefetch-src 'none'; script-src https://cdnjs.cloudflare.com 'self'; style-src https://cdnjs.cloudflare.com 'self'; worker-src 'none'; base-uri 'none'; form-action 'none'; block-all-mixed-content;">
   <%
   let title = page.title