diff --git a/backend/src/index.js b/backend/src/index.js
index a61bb87..7b38fc9 100644
--- a/backend/src/index.js
+++ b/backend/src/index.js
@@ -57,10 +57,10 @@ app.use((_req, res, next) => {
   res.setHeader('Content-Security-Policy', [
     "default-src 'self'",
     "script-src 'self'",
-    "style-src 'self' 'unsafe-inline'",
+    "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",
     `connect-src 'self' wss://${isProd ? new URL(frontendUrl).host : '*'}`,
-    "img-src 'self' https://*.atl-paas.net https://*.atlassian.com https://secure.gravatar.com data:",
-    "font-src 'self'",
+    "img-src 'self' https://*.atl-paas.net https://*.atlassian.com https://secure.gravatar.com https://*.gravatar.com data:",
+    "font-src 'self' https://fonts.gstatic.com",
     "object-src 'none'",
     "base-uri 'self'",
     "form-action 'self'",