diff --git a/README.md b/README.md
index fb2e088..13a6487 100644
--- a/README.md
+++ b/README.md
@@ -43,6 +43,10 @@ brew install --cask jitsi-meet
 Content-Security-Policy "frame-ancestors [looks like any value is bad]";
 X-Frame-Options "DENY";
 ```
+A working Content Security Policy looks like that:
+```
+Content-Security-Policy "img-src 'self' 'unsafe-inline' data:; style-src 'self' 'unsafe-inline'; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'none';";
+```
 
 ## Development