diff --git a/.gitlab/review-apps-values.yaml b/.gitlab/review-apps-values.yaml
index f13b3784d6a276f15cb0e0a72001ea976580c908..b6289b996b9508b24e8875a39a50beac53706566 100644
--- a/.gitlab/review-apps-values.yaml
+++ b/.gitlab/review-apps-values.yaml
@@ -5,6 +5,10 @@ ingress:
   annotations: 
     kubernetes.io/tls-acme: "false"
     nginx.ingress.kubernetes.io/ssl-redirect: "false"
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_set_headers: "Content-Security-Policy: \"default-src 'self' data:\"";
+      more_set_headers: "X-Content-Security-Policy: \"default-src 'self' data:\"";
+      more_set_headers: "X-WebKit-CSP: \"default-src 'self' data:\"";
   tls: 
     enabled: false
 service: