diff --git a/roles/distgit/pagure/templates/pagure.cfg b/roles/distgit/pagure/templates/pagure.cfg
index f3dd2c466a..0aa7c77645 100644
--- a/roles/distgit/pagure/templates/pagure.cfg
+++ b/roles/distgit/pagure/templates/pagure.cfg
@@ -296,4 +296,13 @@ PROJECT_NAME_REGEX = '^[a-zA-z0-9_][a-zA-Z0-9-_\.+]*$'
 
 HTTP_REPO_ACCESS_GITOLITE = None
 
+CSP_HEADERS = (
+    "default-src 'self';"
+    "script-src 'self' '{nonce_script}' https://apps.fedoraproject.org; "
+    "style-src 'self' '{nonce_style}'; "
+    "object-src 'none';"
+    "base-uri 'self';"
+    "img-src 'self' https:;"
+)
+
 {% include "pagure_shared.cfg" %}