diff --git a/SciPost_v1/settings/base.py b/SciPost_v1/settings/base.py
index a6a8124503e4d856c6eacbcaf0e16c90316992b2..a0a90f8c55d6091e62898c6720244d5554a90e43 100644
--- a/SciPost_v1/settings/base.py
+++ b/SciPost_v1/settings/base.py
@@ -198,7 +198,7 @@ X_FRAME_OPTIONS = 'DENY'
 REFERRER_POLICY = 'same-origin'
 CSP_FONT_SRC = ("'self'", 'fonts.gstatic.com', 'cdnjs.cloudflare.com')
 CSP_FRAME_SRC = ('www.google.com')
-CSP_IMG_SRC = ("'self'", 'licensebuttons.net', 'crossmark-cdn.crossref.org')
+CSP_IMG_SRC = ("'self'", 'assets.crossref.org', 'licensebuttons.net', 'crossmark-cdn.crossref.org')
 CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'", 'ajax.googleapis.com', 'cdnjs.cloudflare.com',
                   'crossmark-cdn.crossref.org', 'www.recaptcha.net', 'www.gstatic.com')
 CSP_STYLE_SRC = ("'self'", "'unsafe-inline'", 'ajax.googleapis.com',