diff --git a/conf/nginx.conf b/conf/nginx.conf
index 445eca8..f32af6b 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -20,6 +20,7 @@ location ^~ #LOCATION# {
   add_header X-Robots-Tag none;
   add_header X-Download-Options noopen;
   add_header X-Permitted-Cross-Domain-Policies none;
+  more_set_headers Content-Security-Policy "default-src 'self' 'unsafe-eval' data:;";
 
   # Set max upload size
   client_max_body_size 10G;
@@ -82,6 +83,7 @@ location ^~ #LOCATION# {
     add_header X-Robots-Tag none;
     add_header X-Download-Options noopen;
     add_header X-Permitted-Cross-Domain-Policies none;
+    more_set_headers Content-Security-Policy "default-src 'self' 'unsafe-eval' data:;";
     # Optional: Don't log access to assets
     access_log off;
   }