diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index a11fda863..814f43aa3 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -10,24 +10,24 @@
 #   policy.img_src     :self, :https, :data
 #   policy.object_src  :none
 #   policy.script_src  :self, :https
-    # Allow @vite/client to hot reload javascript changes in development
-#    policy.script_src *policy.script_src, :unsafe_eval, "http://#{ ViteRuby.config.host_with_port }" if Rails.env.development?
 
-    # You may need to enable this in production as well depending on your setup.
-#    policy.script_src *policy.script_src, :blob if Rails.env.test?
+# Allow @vite/client to hot reload javascript changes in development
+# policy.script_src *policy.script_src, :unsafe_eval, "http://#{ ViteRuby.config.host_with_port }" if Rails.env.development?
 
-#   policy.style_src   :self, :https
-    # Allow @vite/client to hot reload style changes in development
-#    policy.style_src *policy.style_src, :unsafe_inline if Rails.env.development?
+# You may need to enable this in production as well depending on your setup.
+# policy.script_src *policy.script_src, :blob if Rails.env.test?
 
-#   # If you are using webpack-dev-server then specify webpack-dev-server host
-#   policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?
-    # Allow @vite/client to hot reload changes in development
-#    policy.connect_src *policy.connect_src, "ws://#{ ViteRuby.config.host_with_port }" if Rails.env.development?
+# policy.style_src   :self, :https
+# Allow @vite/client to hot reload style changes in development
+# policy.style_src *policy.style_src, :unsafe_inline if Rails.env.development?
 
+# # If you are using webpack-dev-server then specify webpack-dev-server host
+# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?
+# Allow @vite/client to hot reload changes in development
+# policy.connect_src *policy.connect_src, "ws://#{ ViteRuby.config.host_with_port }" if Rails.env.development?
 
-#   # Specify URI for violation reports
-#   # policy.report_uri "/csp-violation-report-endpoint"
+# # Specify URI for violation reports
+# # policy.report_uri "/csp-violation-report-endpoint"
 # end
 
 # If you are using UJS then enable automatic nonce generation