diff --git a/app/entry.server.jsx b/app/entry.server.jsx
index 427029a..9407115 100644
--- a/app/entry.server.jsx
+++ b/app/entry.server.jsx
@@ -64,10 +64,6 @@ function handleBotRequest(
           const stream = createReadableStreamFromReadable(body);
 
           responseHeaders.set("Content-Type", "text/html");
-          // security
-          responseHeaders.set("Cross-Origin-Embedder-Policy", "require-corp");
-          responseHeaders.set("Cross-Origin-Opener-Policy", "same-origin");
-          responseHeaders.set("Cross-Origin-Resource-Policy", "same-site");
 
           resolve(
             new Response(stream, {
@@ -118,6 +114,11 @@ function handleBrowserRequest(
           const stream = createReadableStreamFromReadable(body);
 
           responseHeaders.set("Content-Type", "text/html");
+          // security
+          // responseHeaders.set("Cross-Origin-Embedder-Policy", "require-corp");
+          // responseHeaders.set("Cross-Origin-Opener-Policy", "same-origin");
+          // responseHeaders.set("Cross-Origin-Resource-Policy", "same-site");
+          // responseHeaders.set("Content-Security-Policy", "default-src 'self'");
 
           resolve(
             new Response(stream, {