diff --git a/frontend/nginx.conf b/frontend/nginx.conf
index 0905f49..9007510 100644
--- a/frontend/nginx.conf
+++ b/frontend/nginx.conf
@@ -46,7 +46,7 @@ http {
         index index.html;
 
         # Security headers for frontend
-        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' http://localhost:3000 http://localhost:1337;" always;
+        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' http://localhost:3000 http://localhost:1337 https://api.placebo.mk https://cms.placebo.mk;" always;
 
         # Handle React Router
         location / {
diff --git a/pwa/nginx.conf b/pwa/nginx.conf
index 0905f49..bafd20d 100644
--- a/pwa/nginx.conf
+++ b/pwa/nginx.conf
@@ -46,7 +46,7 @@ http {
         index index.html;
 
         # Security headers for frontend
-        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' data:; connect-src 'self' http://localhost:3000 http://localhost:1337;" always;
+        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' http://localhost:3000 http://localhost:1337 https://api.placebo.mk https://cms.placebo.mk; manifest-src 'self';" always;
 
         # Handle React Router
         location / {