diff --git a/packages/backend/src/config.ts b/packages/backend/src/config.ts index 28915e2648..0ac357be77 100644 --- a/packages/backend/src/config.ts +++ b/packages/backend/src/config.ts @@ -239,10 +239,10 @@ export function loadConfig(): Config { const internalMediaProxy = `${scheme}://${host}/proxy`; const redis = convertRedisOptions(config.redis, host); const htmlScriptPrelude = `var VERSION = ${JSON.stringify(version)}; var CLIENT_ENTRY = ${JSON.stringify(frontendManifest['src/_boot_.ts'].file)};`; + const htmlEmbedScriptPrelude = `var VERSION = ${JSON.stringify(version)}; var CLIENT_ENTRY = ${JSON.stringify(frontendEmbedManifest['src/boot.ts'].file)};`; const cspPrerenderedContent = new Map([ - [ - '.prelude.js', hashResource(htmlScriptPrelude) - ], + ['.prelude.js', hashResource(htmlScriptPrelude)], + ['.prelude.embed.js', hashResource(htmlEmbedScriptPrelude)], ...['boot.js', 'style.css', 'style.embed.css', 'boot.embed.js', 'bios.css', 'bios.js', 'cli.css', 'cli.js', 'error.css' ].map((file) => [file, hashSourceFile(`${_dirname}/server/web/${file}`)] as [string, CSPHashed]), diff --git a/packages/backend/src/server/csp.ts b/packages/backend/src/server/csp.ts index 1797d93707..45b37fbd06 100644 --- a/packages/backend/src/server/csp.ts +++ b/packages/backend/src/server/csp.ts @@ -44,7 +44,6 @@ export function generateCSP(hashedMap: Map, options: { ['style-src-attr', ['\'self\'', '\'unsafe-inline\'']], ['script-src', ['\'self\'', '\'wasm-unsafe-eval\'', ...scripts]], ['object-src', ['\'none\'']], - ['frame-src', ['\'none\'']], ['base-uri', ['\'self\'']], ['form-action', ['\'self\'']], ['child-src', ['\'self\'']], diff --git a/packages/backend/src/server/web/views/base-embed.pug b/packages/backend/src/server/web/views/base-embed.pug index 4babecf228..99c4dbc7f9 100644 --- a/packages/backend/src/server/web/views/base-embed.pug +++ b/packages/backend/src/server/web/views/base-embed.pug 
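Review bot: The new `htmlEmbedScriptPrelude` line in loadConfig (config.ts) reads `frontendEmbedManifest['src/boot.ts'].file` with no guard, so a missing or renamed embed entry surfaces as a bare TypeError while the config loads. The existing `frontendManifest` line above it has the same shape. A lookup such as `const embedBoot = frontendEmbedManifest['src/boot.ts'];` followed by `if (!embedBoot) throw new Error('embed manifest has no src/boot.ts entry');` would give an actionable message. Because the string is hashed for CSP under `.prelude.embed.js`, a comment should also say that the embed view has to emit exactly these bytes, otherwise the hash in the policy will not match the inline script. loadConfig starts and ends outside this hunk.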
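Review bot: Dropping `['frame-src', ['\'none\'']]` in generateCSP (csp.ts) leaves no explicit frame policy, so framing falls back to the `child-src 'self'` entry a few lines below, which also governs workers. As far as this hunk shows, the policy is not specific to the embed view, so the relaxation would apply to every response that uses it. If same-origin frames are what is wanted, stating it keeps the intent visible: `['frame-src', ['\'self\'']],`. If the goal is instead to let other sites frame the embed page, that is decided by `frame-ancestors` (or X-Frame-Options), which this hunk does not touch. generateCSP's body continues outside the hunk.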
@@ -1,10 +1,10 @@ block vars block loadClientEntry - - const entry = config.frontendEntry - - const styleCSS = config.cspPrerenderedContent.get('style.css'); - - const jsPrelude = config.cspPrerenderedContent.get('.prelude.js'); - - const bootJS = config.cspPrerenderedContent.get('boot.js'); + - const entry = config.frontendEmbedEntry + - const styleCSS = config.cspPrerenderedContent.get('style.embed.css'); + - const jsPrelude = config.cspPrerenderedContent.get('.prelude.embed.js'); + - const bootJS = config.cspPrerenderedContent.get('boot.embed.js'); doctype html diff --git a/packages/backend/src/server/web/views/cli.pug b/packages/backend/src/server/web/views/cli.pug index d2cf7c4335..e5c5cfe1e3 100644 --- a/packages/backend/src/server/web/views/cli.pug +++ b/packages/backend/src/server/web/views/cli.pug @@ -1,15 +1,17 @@ doctype html +block sriEntries + - const cliJS = config.cspPrerenderedContent.get('cli.js') + - const cliCSS = config.cspPrerenderedContent.get('cli.css') + html head meta(charset='utf-8') meta(name='application-name' content='Misskey') title Misskey Cli - style - include ../cli.css - script - include ../cli.js + style(integrity=cliCSS.integrity) !{cliCSS.content} + script(integrity=cliJS.integrity) !{cliJS.content} body header
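Review bot: The `integrity` attributes on the inline `style` and `script` elements in cli.pug do not enforce anything in the browser: `integrity` is only checked for resources fetched via `src`/`href`, and inline content is admitted by the hash-source in the CSP header. A comment above `block sriEntries` would make that clear, e.g. `//- inline content is admitted by the CSP hash of these exact bytes; the integrity attribute is not checked by the browser`. Both `config.cspPrerenderedContent.get(...)` calls return undefined if a key is misspelled or dropped from the list in config.ts, in which case `cliCSS.integrity` throws at render time. `!{...}` writes the content unescaped, which the hash match requires, so cli.js and cli.css must never contain a closing `</script>` or `</style>` sequence. The template body continues past the end of this hunk.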