diff --git a/previewer_jupyter/indico_previewer_jupyter/controllers.py b/previewer_jupyter/indico_previewer_jupyter/controllers.py
index 9207779..7e4c7b2 100644
--- a/previewer_jupyter/indico_previewer_jupyter/controllers.py
+++ b/previewer_jupyter/indico_previewer_jupyter/controllers.py
@@ -54,7 +54,7 @@ class RHEventPreviewIPyNB(RH):
 
         response = current_app.response_class(html)
         # Use CSP to restrict access to possibly malicious scripts or inline JS
-        csp_header = "script-src 'self' cdn.mathjax.org cdnjs.cloudflare.com 'unsafe-eval';"
+        csp_header = "script-src cdn.mathjax.org cdnjs.cloudflare.com 'unsafe-eval';"
         response.headers['Content-Security-Policy'] = csp_header
         response.headers['X-Webkit-CSP'] = csp_header
         # IE10 doesn't have proper CSP support, so we need to be more strict