diff --git a/src/snek/system/middleware.py b/src/snek/system/middleware.py
index 7a60d1d..3dc41cf 100644
--- a/src/snek/system/middleware.py
+++ b/src/snek/system/middleware.py
@@ -9,7 +9,15 @@ from aiohttp import web
 import secrets
-csp_policy = "default-src 'self'; script-src 'self' 'nonce-{nonce}'; style-src 'self';"
+
+csp_policy = (
+ "default-src 'self'; "
+ "script-src 'self' https://*.cloudflare.com https://molodetz.nl 'nonce-{nonce}'; "
+ "style-src 'self' https://*.cloudflare.com https://molodetz.nl; "
+ "img-src 'self' https://*.cloudflare.com https://molodetz.nl data:; "
+ "connect-src 'self' https://*.cloudflare.com https://molodetz.nl;"
+)
+
 def generate_nonce(): return secrets.token_hex(16)
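Review bot: The new `script-src` allow-lists `https://*.cloudflare.com`, which undercuts the nonce: any script hosted under any cloudflare.com subdomain, including public CDN hosts that serve third-party libraries, can be loaded by an injected `<script src>` tag without a nonce. Pin the exact host the app loads from instead, e.g. `"script-src 'self' https://<exact-cdn-host> 'nonce-{nonce}'; "` (placeholder; the required host is not visible in this hunk), or give the external script tags the nonce and drop the host entry. The same wildcard in `connect-src` widens where page script can send data, so narrow it the same way. While the policy is being reworked, consider appending `"object-src 'none'; base-uri 'self';"`, because `base-uri` does not fall back to `default-src`.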