diff --git a/deploy/i2p b/deploy/i2p
index 69ac8c91d..5a4ecd96f 100755
--- a/deploy/i2p
+++ b/deploy/i2p
@@ -352,6 +352,7 @@ echo "Creating nginx virtual host for http://${I2P_DOMAIN}"
 echo ' gzip_proxied expired no-cache no-store private auth;';
 echo ' gzip_types gzip_types text/plain text/css text/vcard text/vcard+xml application/json application/ld+json application/javascript text/xml application/xml application/rdf+xml application/xml+rss text/javascript;';
 echo '';
+ echo " add_header Content-Security-Policy \"script-src 'unsafe-inline' 'self'; style-src 'unsafe-inline'\";";
 echo ' add_header X-Content-Type-Options nosniff;';
 echo ' add_header X-XSS-Protection "1; mode=block";';
 echo ' add_header X-Download-Options noopen;';
diff --git a/deploy/onion b/deploy/onion
index 18c1ab125..545281a28 100755
--- a/deploy/onion
+++ b/deploy/onion
@@ -274,6 +274,7 @@ echo "Creating nginx virtual host for ${ONION_DOMAIN}"
 echo ' gzip_proxied expired no-cache no-store private auth;';
 echo ' gzip_types gzip_types text/plain text/css text/vcard text/vcard+xml application/json application/ld+json application/javascript text/xml application/xml application/rdf+xml application/xml+rss text/javascript;';
 echo '';
+ echo " add_header Content-Security-Policy \"script-src 'unsafe-inline' 'self'; style-src 'unsafe-inline'\";";
 echo ' add_header X-Content-Type-Options nosniff;';
 echo ' add_header X-XSS-Protection "1; mode=block";';
 echo ' add_header X-Download-Options noopen;';
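Review bot: The Content-Security-Policy line added in this hunk (and the identical line in the deploy/onion hunk) restricts only scripts and styles, and `'unsafe-inline'` in `script-src` still lets injected inline script run, so as written it gives little protection against XSS. With no `default-src`, images, frames, connections, plugins and `<base>` stay unrestricted, and `style-src 'unsafe-inline'` without `'self'` would block any same-origin stylesheet loaded by URL, if the application serves one. Consider a policy value such as `default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'; base-uri 'self'`, adjusted to whatever cross-origin media the application really needs, with nonces or hashes replacing `'unsafe-inline'` once the inline scripts can be tagged. nginx's `add_header` without the `always` parameter is not applied to error responses, and the surrounding server block lies outside the hunk, so it is worth confirming that no `location` block declares its own `add_header` and thereby drops this one.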