diff --git a/cloud-function/README.md b/cloud-function/README.md
index 5b379aa514a9..925fdc3a5110 100644
--- a/cloud-function/README.md
+++ b/cloud-function/README.md
@@ -36,6 +36,8 @@ The function uses the following environment variables:
   requests to the main site.
 - `ORIGIN_LIVE_SAMPLES` (default: `"localhost"`) - The expected `Host` header
   value for requests to live samples.
+- `ORIGIN_REVIEW` (default: `"content.dev.mdn.mozit.cloud"`) - The host of the
+  content preview pages.
 - `SOURCE_CONTENT` (default: `"http://localhost:8100"`) - The URL at which the
   client build is served.
 - `SOURCE_API` (default: `"https://developer.allizom.org/"`) - The URL at which
diff --git a/libs/play/index.js b/libs/play/index.js
index 82322d56dedd..41916db887a5 100644
--- a/libs/play/index.js
+++ b/libs/play/index.js
@@ -4,6 +4,8 @@ import he from "he";
 
 export const ORIGIN_PLAY = process.env["ORIGIN_PLAY"] || "localhost";
 export const ORIGIN_MAIN = process.env["ORIGIN_MAIN"] || "localhost";
+export const ORIGIN_REVIEW =
+  process.env["ORIGIN_REVIEW"] || "content.dev.mdn.mozit.cloud";
 
 /** @import { IncomingMessage, ServerResponse } from "http" */
 /** @import * as express from "express" */
@@ -332,6 +334,18 @@ function playSubdomain(hostname) {
   return "";
 }
 
+/**
+ * @param {URL} referer
+ */
+function isMDNReferer(referer) {
+  const { hostname } = referer;
+  return (
+    hostname === ORIGIN_MAIN ||
+    hostname === ORIGIN_REVIEW ||
+    hostname.endsWith(`.${ORIGIN_REVIEW}`)
+  );
+}
+
 /**
  * @param {express.Request} req
  * @param {express.Response} res
@@ -351,8 +365,7 @@ export async function handleRunner(req, res) {
   const isLocalhost = req.hostname === "localhost";
   const hasMatchingHash = playSubdomain(req.hostname) === hash;
   const isIframeOnMDN =
-    referer.hostname === ORIGIN_MAIN &&
-    req.headers["sec-fetch-dest"] === "iframe";
+    isMDNReferer(referer) && req.headers["sec-fetch-dest"] === "iframe";
 
   if (
     !stateParam ||