diff --git a/src/lib/middleware/secure-headers.ts b/src/lib/middleware/secure-headers.ts
index 5f81f2d2dc..7e969f4d5b 100644
--- a/src/lib/middleware/secure-headers.ts
+++ b/src/lib/middleware/secure-headers.ts
@@ -64,6 +64,8 @@ const secureHeaders: (config: IUnleashConfig) => RequestHandler = (config) => {
                         ...config.additionalCspAllowedDomains.connectSrc,
                     ],
                     mediaSrc: [
+                        "'self'",
+                        'cdn.getunleash.io',
                         '*.youtube.com',
                         '*.youtube-nocookie.com',
                         ...config.additionalCspAllowedDomains.mediaSrc,