diff --git a/lib/public/AppFramework/Http/ContentSecurityPolicy.php b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
index 7f93f7004d9..c3fbee8baa7 100644
--- a/lib/public/AppFramework/Http/ContentSecurityPolicy.php
+++ b/lib/public/AppFramework/Http/ContentSecurityPolicy.php
@@ -43,7 +43,8 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
        /** @var bool Whether inline JS snippets are allowed */
        protected $inlineScriptAllowed = false;
        /** @var bool Whether eval in JS scripts is allowed */
-       protected $evalScriptAllowed = false;
+       // YunoHost patch: allow for eval in JS scripts for YunoHost tile
+       protected $evalScriptAllowed = true;
        /** @var bool Whether WebAssembly compilation is allowed */
        protected ?bool $evalWasmAllowed = false;
        /** @var bool Whether strict-dynamic should be set */