diff --git a/src/main/java/org/olat/core/commons/services/csp/CSPModule.java b/src/main/java/org/olat/core/commons/services/csp/CSPModule.java
index 1f471bd07cab38cc02609bd08fe0c25408264a9f..62bfe9b2957f1d6b35933bfbe35ec754a70fd803 100644
--- a/src/main/java/org/olat/core/commons/services/csp/CSPModule.java
+++ b/src/main/java/org/olat/core/commons/services/csp/CSPModule.java
@@ -65,15 +65,15 @@ public class CSPModule extends AbstractSpringModule {
 	private static final String CONTENT_SECURITY_POLICY_OBJECT_SRC = "base.security.contentSecurityPolicy.objectSrc";
 	private static final String CONTENT_SECURITY_POLICY_PLUGIN_TYPE = "base.security.contentSecurityPolicy.pluginType";
 
-	@Value("${base.security.frameOptionsSameOrigine:disabled}")
+	@Value("${base.security.frameOptionsSameOrigine:enabled}")
 	private String xFrameOptionsSameorigin;
-	@Value("${base.security.strictTransportSecurity:disabled}")
+	@Value("${base.security.strictTransportSecurity:enabled}")
 	private String strictTransportSecurity;
-	@Value("${base.security.xContentTypeOptions:disabled}")
+	@Value("${base.security.xContentTypeOptions:enabled}")
 	private String xContentTypeOptions;
-	@Value("${base.security.contentSecurityPolicy:disabled}")
+	@Value("${base.security.contentSecurityPolicy:enabled}")
 	private String contentSecurityPolicy;
-	@Value("${base.security.contentSecurityPolicy.reportOnly:disabled}")
+	@Value("${base.security.contentSecurityPolicy.reportOnly:enabled}")
 	private String contentSecurityPolicyReportOnly;
 	
 	@Value("${base.security.contentSecurityPolicy.defaultSrc:}")