diff --git a/handler/default.go b/handler/default.go
index 84babf6..d96d6d4 100644
--- a/handler/default.go
+++ b/handler/default.go
@@ -42,5 +42,6 @@ func GetHandler(d *sql.DB, serverSettings *types.ServerSettings) http.Handler {
 		middleware.ContentSecurityPolicy,
 		middleware.Cors(serverSettings),
 		middleware.Corp,
+		middleware.Coop,
 	)
 }
diff --git a/middleware/coop.go b/middleware/coop.go
new file mode 100644
index 0000000..483c540
--- /dev/null
+++ b/middleware/coop.go
@@ -0,0 +1,13 @@
+package middleware
+
+import (
+	"net/http"
+)
+
+func Coop(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Cross-Origin-Opener-Policy", "same-origin")
+
+		next.ServeHTTP(w, r)
+	})
+}