diff --git a/SciPost_v1/settings/base.py b/SciPost_v1/settings/base.py
index 80b0b4ca0e908e3773ce2f2113b85311be7fc715..b9bd959bb5e025f8675d80eb86313cc79a757a51 100644
--- a/SciPost_v1/settings/base.py
+++ b/SciPost_v1/settings/base.py
@@ -196,7 +196,7 @@ SECURE_HSTS_PRELOAD = True
 SECURE_CONTENT_TYPE_NOSNIFF = True
 X_FRAME_OPTIONS = 'DENY'
 REFERRER_POLICY = 'same-origin'
-CSP_FONT_SRC = ("'self'", 'fonts.gstatic.com', 'cdnjs.cloudflare.com', 'www.google.com')
+CSP_FONT_SRC = ("'self'", 'data:', 'fonts.gstatic.com', 'cdnjs.cloudflare.com', 'www.google.com')
 CSP_FRAME_SRC = ('www.google.com', 'player.vimeo.com')
 CSP_IMG_SRC = ("'self'", 'ajax.googleapis.com', 'assets.crossref.org',
                'licensebuttons.net', 'crossmark-cdn.crossref.org')