diff --git a/pagure/default_config.py b/pagure/default_config.py
index aa80f2c..5128ff8 100644
--- a/pagure/default_config.py
+++ b/pagure/default_config.py
@@ -614,8 +614,9 @@ SSH_COMMAND_NON_REPOSPANNER = (
 )
 
 CSP_HEADERS = (
-    "default-src 'self' https:; "
+    "default-src 'self';"
     "script-src 'self' '{nonce_script}'; "
     "style-src 'self' '{nonce_style}'; "
-    "object-src" 'none'"
+    "object-src 'none';"
+    "base-uri 'self';"
 )