diff --git a/server/previewServer.js b/server/previewServer.js
index 754775645..986186c3a 100644
--- a/server/previewServer.js
+++ b/server/previewServer.js
@@ -55,7 +55,12 @@ const corsMiddleware = cors({
   credentials: true,
   origin: allowedCorsOrigins
 });
-app.use(corsMiddleware);
+// app.use(corsMiddleware);
+app.use((req, res, next) => {
+  res.setHeader('Cross-Origin-Embedder-Policy', 'require-corp');
+  res.setHeader('Cross-Origin-Opener-Policy', 'same-origin');
+  corsMiddleware(req, res, next);
+});
 // Enable pre-flight OPTIONS route for all end-points
 app.options('*', corsMiddleware);