diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index b234e8902b..de9dc93c44 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -5,7 +5,7 @@
 # https://guides.rubyonrails.org/security.html#content-security-policy-header
 
 Rails.application.configure do
-  connect_src = [:self, "openhistoricalmap.github.io"]
+  connect_src = [:self, "*.openhistoricalmap.org", "openhistoricalmap.github.io"]
   img_src = [:self, :data, "www.gravatar.com", "*.wp.com", "tile.openstreetmap.org", "gps.tile.openstreetmap.org", "*.tile.thunderforest.com", "tile.tracestrack.com", "*.openstreetmap.fr"]
   script_src = [:self, "openhistoricalmap.github.io"]
   style_src = [:self, "openhistoricalmap.github.io"]