diff --git a/omeroweb/settings.py b/omeroweb/settings.py
index 7b8b2eea5e..639219b36d 100755
--- a/omeroweb/settings.py
+++ b/omeroweb/settings.py
@@ -1171,8 +1171,8 @@ def check_session_engine(s):
             "Remember to terminate lines with; when necessary."
         ),
     ],
-    # Content-Security-Protocol settings: https://django-csp.readthedocs.io/en/latest/configuration.html
-    # default-src 'none'; script-src 'self'; img-src 'self'; style-src 'self';base-uri 'self';form-action 'self'
+    # Content-Security-Protocol settings:
+    # see https://django-csp.readthedocs.io/en/latest/configuration.html
     "omero.web.csp_default_src": [
         "CSP_DEFAULT_SRC",
         "[\"'self'\"]",