diff --git a/src/main.rs b/src/main.rs
index 69f7989..9672996 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -2,7 +2,7 @@ use std::sync::Arc;
 
 use actix::Actor;
 use actix_identity::{CookieIdentityPolicy, IdentityService};
-use actix_web::{App, get, HttpResponse, HttpServer, web};
+use actix_web::{App, get, HttpResponse, HttpServer, middleware, web};
 use actix_web::cookie::SameSite;
 use actix_web::cookie::time::Duration;
 use actix_web::middleware::Logger;
@@ -97,6 +97,8 @@ async fn main() -> std::io::Result<()> {
             .app_data(web::Data::new(jwt_signer.clone()))
             .app_data(web::Data::new(webauthn_manager.clone()))
 
+            .wrap(middleware::DefaultHeaders::new()
+                .add(("Permissions-Policy", "interest-cohort=()")))
             .wrap(Logger::default())
             .wrap(AuthMiddleware {})
             .wrap(IdentityService::new(policy))