diff --git a/controllers/embed.go b/controllers/embed.go
index bd8396997..df2cde0f4 100644
--- a/controllers/embed.go
+++ b/controllers/embed.go
@@ -2,19 +2,30 @@ package controllers
 
 import (
 "net/http"
+
+ "github.com/owncast/owncast/router/middleware"
 )
 
 // GetChatEmbedreadwrite gets the embed for readwrite chat.
 func GetChatEmbedreadwrite(w http.ResponseWriter, r *http.Request) {
+ // Set our global HTTP headers
+ middleware.SetHeaders(w)
+
 http.ServeFile(w, r, "webroot/index-standalone-chat-readwrite.html")
 }
 
 // GetChatEmbedreadonly gets the embed for readonly chat.
 func GetChatEmbedreadonly(w http.ResponseWriter, r *http.Request) {
+ // Set our global HTTP headers
+ middleware.SetHeaders(w)
+
 http.ServeFile(w, r, "webroot/index-standalone-chat-readonly.html")
 }
 
 // GetVideoEmbed gets the embed for video.
 func GetVideoEmbed(w http.ResponseWriter, r *http.Request) {
+ // Set our global HTTP headers
+ middleware.SetHeaders(w)
+
 http.ServeFile(w, r, "webroot/index-video-only.html")
 }
diff --git a/router/middleware/headers.go b/router/middleware/headers.go
index abf5a59d0..9c2985722 100644
--- a/router/middleware/headers.go
+++ b/router/middleware/headers.go
@@ -21,7 +21,7 @@ func SetHeaders(w http.ResponseWriter) {
 }
 // Content security policy
 csp := []string{
- fmt.Sprintf("script-src 'self' %s 'sha256-2HPCfJIJHnY0NrRDPTOdC7AOSJIcQyNxzUuut3TsYRY=' 'sha256-qYEKg5UMg/KbbMBkyPIGsxtkfn/safeLBT08DK3592g=' 'sha256-2erOadwY1DsoNdxVjGlxldMJrFEUzr5sLDdB8lmm9m8=' 'sha256-DgrU+KwEGMFcB8B2ZdQyuxWWvTm7LeGpc+8SkxbSxGA='", unsafeEval),
+ fmt.Sprintf("script-src 'self' %s 'sha256-2HPCfJIJHnY0NrRDPTOdC7AOSJIcQyNxzUuut3TsYRY=' 'sha256-PzXGlTLvNFZ7et6GkP2nD3XuSaAKQVBSYiHzU2ZKm8o=' 'sha256-/wqazZOqIpFSIrNVseblbKCXrezG73X7CMqRSTf+8zw=' 'sha256-jCj2f+ICtd8fvdb0ngc+Hkr/ZnZOMvNkikno/XR6VZs='", unsafeEval),
 "worker-src 'self' blob:", // No single quotes around blob:
 }
 w.Header().Set("Content-Security-Policy", strings.Join(csp, "; "))
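Review bot: In controllers/embed.go the same pair of lines, `// Set our global HTTP headers` and `middleware.SetHeaders(w)`, is pasted into each of the three embed handlers, so an embed handler added later is served without the Content-Security-Policy unless its author remembers the call. A single helper would make the header call impossible to skip, for example `func serveEmbed(w http.ResponseWriter, r *http.Request, path string) { middleware.SetHeaders(w); http.ServeFile(w, r, path) }`, with each handler reduced to one call to it. These pages exist to be framed by other sites, and only part of SetHeaders is visible in this commit, so it is worth confirming that it emits no framing restriction (`frame-ancestors`, `X-Frame-Options`) that would block the embeds.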
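Review bot: The replaced `script-src` line in router/middleware/headers.go keeps four inline-script hashes in one format string with nothing saying which inline script each hash covers, so the next change to those scripts will break the page again until someone recomputes the values by hand. Listing each hash on its own line in a slice, with a comment such as `// inline script in <FILE>; recompute when that file changes`, would make a stale entry easy to spot. A test that hashes the inline scripts actually served and compares them with this list would catch the drift before release. `unsafeEval` is assigned above the hunk, so the conditions under which `'unsafe-eval'` enters the policy cannot be checked from here; SetHeaders starts and ends outside the hunk.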