diff --git a/src/components/superprovider/index.js b/src/components/superprovider/index.js
index 4469894c..5136d551 100644
--- a/src/components/superprovider/index.js
+++ b/src/components/superprovider/index.js
@@ -35,7 +35,7 @@ export default class SuperProvider {
         if (this.iframe.contentWindow) {
             this.iframe.contentWindow.postMessage(
                 { type: 'init', channel: this.channelId },
-                '*'
+                this.iframe.src // Specify the origin of the iframe
             );
         }
         setTimeout(this._initIframe, 1000);
@@ -82,7 +82,7 @@ export default class SuperProvider {
                         id: data.id,
                         payload: { err: err, res: res },
                     },
-                    '*'
+                    this.iframe.src // Specify the origin of the iframe
                 );
             } catch (e) {}
         };
diff --git a/src/services/preview.service.js b/src/services/preview.service.js
index 1e0b5366..6c806f8b 100644
--- a/src/services/preview.service.js
+++ b/src/services/preview.service.js
@@ -33,7 +33,7 @@ export const previewService = {
                 const builtProject = await buildProjectHtml(this.projectItem, wallet, this.disableAccounts, environment);
                 exportableDappHtml = builtProject.exportableContent;
                 if (e.source) {
-                    e.source.postMessage({ type: 'set-content', payload: builtProject.content }, '*');
+                    e.source.postMessage({ type: 'set-content', payload: builtProject.content }, 'https://trusted-origin.com');
                     this.superProvider.initIframe(document.getElementById(iframeId));
                 }
             }