diff --git a/categories.php b/categories.php
index c546858..6c916b4 100644
--- a/categories.php
+++ b/categories.php
@@ -2,8 +2,12 @@
 // Inclure la configuration
 require_once 'includes/config.php';
 
-// Récupération de l'ID de catégorie
-$categoryId = isset($_GET['id']) ? intval($_GET['id']) : null;
+// Appliquer les en-têtes de sécurité
+setSecurityHeaders();
+
+// Récupération et validation de l'ID de catégorie
+$categoryId = isset($_GET['id']) ? $_GET['id'] : null;
+$categoryId = $categoryId ? validateCategoryId($categoryId) : null;
 
 // Récupérer les catégories disponibles
 $allCategories = PEERTUBE_CATEGORIES;
@@ -27,6 +31,7 @@ if ($categoryId && isset($allCategories[$categoryId])) {
 <head>
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="csrf-token" content="<?php echo generateCSRFToken(); ?>">
     <title><?php echo htmlspecialchars($categoryName); ?> - kaubuntu.re</title>
     <link rel="stylesheet" href="css/styles.css">
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
diff --git a/direct.php b/direct.php
index 7f45279..64d6689 100644
--- a/direct.php
+++ b/direct.php
@@ -19,6 +19,8 @@
     <?php
     // Inclure la configuration
     require_once 'includes/config.php';
+    // Appliquer les en-têtes de sécurité
+    setSecurityHeaders();
     ?>
     <?php include 'includes/sidebar.php'; ?>
     <!-- Contenu principal -->
diff --git a/index.php b/index.php
index 8f1661e..701264f 100644
--- a/index.php
+++ b/index.php
@@ -1,8 +1,15 @@
+<?php
+// Inclure la configuration
+require_once 'includes/config.php';
+// Appliquer les en-têtes de sécurité
+setSecurityHeaders();
+?>
 <!DOCTYPE html>
 <html lang="fr">
 <head>
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="csrf-token" content="<?php echo generateCSRFToken(); ?>">
     <title>kaubuntu.re - Plateforme Multimédia</title>
     <link rel="stylesheet" href="css/styles.css">
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css">
@@ -17,10 +24,6 @@
     <meta name="theme-color" content="#ffffff">
 </head>
 <body>
-    <?php
-    // Inclure la configuration
-    require_once 'includes/config.php';
-    ?>
     <?php include 'includes/sidebar.php'; ?>
     <!-- Contenu principal -->
     <div class="main-content">
diff --git a/mentions-legales.php b/mentions-legales.php
index 6f9c314..95b84e5 100644
--- a/mentions-legales.php
+++ b/mentions-legales.php
@@ -19,6 +19,8 @@
     <?php
     // Inclure la configuration
     require_once 'includes/config.php';
+    // Appliquer les en-têtes de sécurité
+    setSecurityHeaders();
     ?>
     <?php include 'includes/sidebar.php'; ?>
     <!-- Contenu principal -->