diff --git a/lib/http-server/http-server.js b/lib/http-server/http-server.js
index 6aef1dc..82b00aa 100644
--- a/lib/http-server/http-server.js
+++ b/lib/http-server/http-server.js
@@ -207,9 +207,15 @@ class HttpServer {
 HttpServer.HELMET_POLICY = {
 'contentSecurityPolicy' : {
 'directives': {
- 'defaultSrc': ['"self"'],
- 'styleSrc' : ['"self"', '"unsafe-inline"'],
- 'img-src' : ['"self" data:']
+ 'default-src': ["'self'", "data:"],
+ 'base-uri': ["'self'"],
+ 'font-src': ["'self'", "https:", "data:"],
+ 'frame-ancestors': ["'self'"],
+ 'img-src': ["'self'", "data:"],
+ 'object-src': ["'none'"],
+ 'script-src': ["'self'", "'unsafe-inline'"],
+ 'style-src': ["'self'", "https:", "'unsafe-inline'"],
+ 'media-src': ["'self'", 'data:'],
 },
 'browserSniff': false,
 'disableAndroid': true
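Review bot: The new `'script-src': ["'self'", "'unsafe-inline'"]` line removes most of the XSS protection the rest of this policy is meant to provide, since any injected inline `<script>` is allowed to run; the old policy (once its mis-quoted `"self"` is read as intended) let scripts fall back to `'self'` only, so this is a loosening rather than a tightening. If inline scripts are genuinely needed, the usual fix is a per-request nonce or a hash list instead of `'unsafe-inline'`; otherwise drop it: `'script-src': ["'self'"],`. Separately, `'default-src': ["'self'", "data:"]` grants `data:` to every directive not listed here (e.g. `frame-src`, `child-src`, `connect-src`), while `data:` is already given explicitly to the directives that need it (`img-src`, `font-src`, `media-src`), so `'default-src': ["'self'"],` is the safer default; `form-action` also does not inherit from `default-src` and is worth adding as `'form-action': ["'self'"],` alongside the new `frame-ancestors`. The `browserSniff`/`disableAndroid` keys look like options from an older helmet major; if helmet is upgraded they will be silently ignored, which is worth a comment on the object. The `HttpServer.HELMET_POLICY` object literal is not closed inside this hunk, so its remaining keys are outside the review.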