diff --git a/internal/config/browser/browser.go b/internal/config/browser/browser.go
index 0daf91a4e..f5ad11d20 100644
--- a/internal/config/browser/browser.go
+++ b/internal/config/browser/browser.go
@@ -51,7 +51,7 @@ var (
 	DefaultKVS = config.KVS{
 		config.KV{
 			Key:   browserCSPPolicy,
-			Value: "default-src 'self' 'unsafe-eval' 'unsafe-inline';",
+			Value: "default-src 'self' 'unsafe-eval' 'unsafe-inline'; script-src 'self' https://unpkg.com;  connect-src 'self' https://unpkg.com;",
 		},
 		config.KV{
 			Key:   browserHSTSSeconds,