diff --git a/README.md b/README.md
index f955f9dc..e63ea8dc 100644
--- a/README.md
+++ b/README.md
@@ -113,7 +113,7 @@ in MinIO container and configure it for public access.
 - `Strict-Transport-Security: max-age=31536000`
 - `X-XSS-Protection: 1; mode=block`
 - `X-Frame-Options: DENY`
-- `Content-Security-Policy: default-src 'self'`
+- `Content-Security-Policy: Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;`
 - `Feature-Policy: microphone 'none'; camera 'none'; geolocation 'none'; payment 'none';`
 
 ### Vercel
diff --git a/frontend/vercel.json b/frontend/vercel.json
index 31c08ff9..1fd52faf 100644
--- a/frontend/vercel.json
+++ b/frontend/vercel.json
@@ -17,7 +17,7 @@
 				},
 				{
 					"key": "Content-Security-Policy",
-					"value": "default-src 'self'"
+					"value": "Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;"
 				},
 				{
 					"key": "Feature-Policy",