diff --git a/deploy/nginx/nginx.conf b/deploy/nginx/nginx.conf
index 92cb9ad7e770c803b5dd21bb6b63e74bffa0d2de..f2e6a8f1156995557656125da7894f746cf10783 100644
--- a/deploy/nginx/nginx.conf
+++ b/deploy/nginx/nginx.conf
@@ -60,7 +60,7 @@ http {
     add_header X-Frame-Options DENY;
     add_header X-Content-Type-Options nosniff;
     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
-    add_header Content-Security-Policy "script-src 'self' * 'unsafe-inline' 'unsafe-eval'; object-src 'none'; frame-src 'none'";
+    add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'none'; frame-src 'none'";
     add_header Cache-Control "no-cache,no-store,must-revalidate";
     add_header Pragma no-cache;
     add_header Expires 0;