diff --git a/hosting/nginx.prod.conf.hbs b/hosting/nginx.prod.conf.hbs
index cc7225bf7a..22ca3f2f3e 100644
--- a/hosting/nginx.prod.conf.hbs
+++ b/hosting/nginx.prod.conf.hbs
@@ -60,7 +60,7 @@ http {
 add_header X-Frame-Options SAMEORIGIN always;
 add_header X-Content-Type-Options nosniff always;
 add_header X-XSS-Protection "1; mode=block" always;
- add_header Content-Security-Policy $csp_default; $csp_script; $csp_style; $csp_object; $csp_base_uri; $csp_connect; $csp_font; $csp_frame; $csp_img; $csp_manifest; $csp_media; $csp_worker;" always;
+ add_header Content-Security-Policy ${csp_default}; ${csp_script}; ${csp_style}; ${csp_object}; ${csp_base_uri}; ${csp_connect}; ${csp_font}; ${csp_frame}; ${csp_img}; ${csp_manifest}; ${csp_media}; ${csp_worker};" always;
 # upstreams
 set $apps {{ apps }};
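Review bot: The new `add_header Content-Security-Policy` line, as shown here, closes its value with `;" always;` but has no opening double quote before `${csp_default}`; the removed line looks the same, so this may be an artefact of how the diff was rendered. Without that quote nginx would end the directive at the first `;` and the policy would not be sent as a single header value, so the line should read `add_header Content-Security-Policy "${csp_default}; ${csp_script}; … ${csp_worker};" always;`, and the rendered template is worth checking with `nginx -t`. These headers sit in the `http` block, which continues outside the hunk, so a comment above them such as `# add_header is inherited only by blocks that declare no add_header of their own` would warn that any server or location adding a header must repeat the CSP and X-* headers. The `$csp_*` variables are set outside the hunk, so the strength of the resulting policy cannot be judged from these lines.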