diff --git a/config/nginx.conf b/config/nginx.conf
index 7ccb8ae..13e99b8 100644
--- a/config/nginx.conf
+++ b/config/nginx.conf
@@ -81,7 +81,7 @@ http {
index index.html;
try_files $uri @index;
- add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:;";
+ add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; connect-src 'self' https:; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:;";
#Application config
location = /src/resources/app-config.json {
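Review bot: `connect-src 'self' https:` on the added header line allows fetch/XHR from page script to any HTTPS origin, so the policy no longer restricts where an injected script could send data; previously connect-src fell back to `default-src 'self'`. If the frontend only talks to a known set of API hosts, list them instead, e.g. `connect-src 'self' https://<api-origin-placeholder>;`. The same source list is repeated in the `@index` header in the next hunk and in the meta tag in frontend/index.webpack.html, so any narrowing has to be made in all three. If the open scheme is deliberate because the backend origin is only known at deploy time, a comment above the directive saying so would keep it from being read as an oversight.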
@@ -106,6 +106,7 @@ http {
location @index {
root /frontend;
add_header Cache-Control "no-cache";
+ add_header Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; connect-src 'self' https:; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:;";
expires 0;
try_files /index.html =404;
}
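Review bot: The header added in `location @index` is a further hand-copied instance of the policy string, and it is emitted without `always`, so the `=404` response from `try_files` in this block goes out with no CSP. nginx inherits `add_header` from the enclosing level only when a block defines none of its own, which is presumably why the copy is needed here next to `Cache-Control`. Any other location that sets its own header has the same gap. Consider keeping the directive in one file pulled in with `include <csp-snippet-placeholder>;` at each such level, with `always` appended to it. The `http` block continues outside the hunk, so the remaining locations could not be checked.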
diff --git a/frontend/index.webpack.html b/frontend/index.webpack.html
index 0a55a7e..183b8d9 100644
--- a/frontend/index.webpack.html
+++ b/frontend/index.webpack.html
@@ -5,7 +5,7 @@
+ content="default-src 'self'; connect-src 'self' https:; script-src 'self'; style-src 'unsafe-inline' 'self' data:; font-src 'self' data:; img-src 'self' data:"/>