diff --git a/config/default-disco.js b/config/default-disco.js
index f053ebf7976..120a770d8a2 100644
--- a/config/default-disco.js
+++ b/config/default-disco.js
@@ -1 +1,7 @@
-module.exports = {};
+module.exports = {
+ CSP: {
+ directives: {
+ frameAncestors: ['about:addons'],
+ },
+ },
+};
diff --git a/tests/server/TestCSPConfig.js b/tests/server/TestCSPConfig.js
index e9588f107d4..5119a3dc0e7 100644
--- a/tests/server/TestCSPConfig.js
+++ b/tests/server/TestCSPConfig.js
@@ -91,3 +91,24 @@ describe('CSP Config', () => {
 assert.deepEqual(cspConfig.mediaSrc, ["'none'"]);
 });
 });
+
+
+describe('App Specific CSP Config', () => {
+ afterEach(() => {
+ process.env.NODE_ENV = 'production';
+ delete process.env.NODE_APP_INSTANCE;
+ });
+
+ it('should default frame-ancestors to "\'none\'"', () => {
+ const config = requireUncached('config');
+ const cspConfig = config.get('CSP').directives;
+ assert.deepEqual(cspConfig.frameAncestors, ["'none'"]);
+ });
+
+ it('should default set frame-ancestors to about:addons for disco pane', () => {
+ process.env.NODE_APP_INSTANCE = 'disco';
+ const config = requireUncached('config');
+ const cspConfig = config.get('CSP').directives;
+ assert.deepEqual(cspConfig.frameAncestors, ['about:addons']);
+ });
+});
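Review bot: The `frameAncestors: ['about:addons']` override in config/default-disco.js carries no comment saying why this one app instance may be framed, and a CSP relaxation is the kind of line that gets copied or widened later without that context. I would add `// The disco pane is embedded by Firefox's about:addons page; the default policy stays frame-ancestors 'none'.` above the directive. It is also worth confirming in a real browser that `about:addons` is honoured as a frame-ancestors source expression, since the accompanying test checks only the merged config value and not how the emitted header is enforced. A source the parser rejects would presumably leave the pane unframeable rather than open, but that is inferred and not shown on this page.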
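Review bot: The new `App Specific CSP Config` suite in tests/server/TestCSPConfig.js resets the environment only in `afterEach`, so its first case (frame-ancestors defaults to `'none'`) depends on `NODE_APP_INSTANCE` being unset when the suite starts. If the runner is launched with that variable set, the default-policy assertion would be exercising an app-specific config instead. Adding `beforeEach(() => { delete process.env.NODE_APP_INSTANCE; });` makes the case self-contained; unless forcing `'production'` is deliberate, saving the prior `NODE_ENV` and restoring it would avoid leaking state into later suites. The second title reads `should default set frame-ancestors ...`; `should set frame-ancestors to about:addons for disco pane` says what is asserted.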