diff --git a/workers-site/src/handler.ts b/workers-site/src/handler.ts
index f33c159..3c1cd4e 100644
--- a/workers-site/src/handler.ts
+++ b/workers-site/src/handler.ts
@@ -5,7 +5,7 @@ const APS_SLUG = 'Android-Password-Store'
 const GITHUB_URL = `https://github.com`
 const MY_GITHUB = `${GITHUB_URL}/${GITHUB_USERNAME}`
 const APS_GITHUB_URL = `https://github.com/${APS_SLUG}/${APS_SLUG}`
-const CSP_POLICY = "base-uri 'self'; connect-src 'self' insights.msfjarvis.dev utteranc.es; default-src 'self'; frame-ancestors 'none'; frame-src asciinema.org github.com platform.twitter.com utteranc.es; font-src 'self'; img-src 'self' data: gfycat.com imgur.com *.imgur.com insights.msfjarvis.dev syndication.twitter.com; object-src 'none'; script-src 'self' asciinema.org platform.twitter.com utteranc.es insights.msfjarvis.dev 'nonce-MZSWC5DVOJSS23TPNZRWKCQ='; style-src 'self' 'unsafe-inline';";
+const CSP_POLICY = "base-uri 'self'; connect-src 'self' insights.msfjarvis.dev utteranc.es; default-src 'self'; frame-ancestors 'none'; frame-src asciinema.org github.com platform.twitter.com utteranc.es; font-src 'self' fonts.gstatic.com; img-src 'self' data: gfycat.com imgur.com *.imgur.com insights.msfjarvis.dev syndication.twitter.com; object-src 'none'; script-src 'self' asciinema.org platform.twitter.com utteranc.es insights.msfjarvis.dev 'sha256-T5xaPlQfl1etSoFCqKdmLNHpv3NOQn2KQJoj6Pduxg4='; style-src 'self' fonts.googleapis.com 'unsafe-inline';";
 const PERMISSIONS_POLICY = "accelerometer=(), autoplay=(), camera=(), encrypted-media=(), geolocation=(), gyroscope=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), sync-xhr=(), usb=()"
 
 export async function handleRequest(event: FetchEvent): Promise<Response> {