diff --git a/index.html b/index.html
index ca302c4686..e6ea7c9ef3 100644
--- a/index.html
+++ b/index.html
@@ -4,7 +4,7 @@
   <meta charset="UTF-8">
   <meta content="width=device-width, initial-scale=1.0" name="viewport">
   <meta http-equiv="Content-Security-Policy"
-        content="default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' https://gc.zgo.at/; img-src *; connect-src 'self' https://www.openstreetmap.org/ https://api.openstreetmap.org/ https://pietervdvn.goatcounter.com/;">
+        content="default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' https://gc.zgo.at/; img-src * data: ; connect-src 'self' https://www.openstreetmap.org/ https://api.openstreetmap.org/ https://pietervdvn.goatcounter.com/;">
   <link href="./css/mobile.css" rel="stylesheet" />
   <link href="./css/openinghourstable.css" rel="stylesheet" />
   <link href="./css/tagrendering.css" rel="stylesheet" />