diff --git a/server.js b/server.js
index ec89ef2af..0db55f8d0 100644
--- a/server.js
+++ b/server.js
@@ -34,6 +34,7 @@ var setHeaders = (function () {
 const headers = clone(config.httpHeaders);
 if (config.contentSecurity) {
 headers['Content-Security-Policy'] = clone(config.contentSecurity);
+ if (!/;$/.test(headers['Content-Security-Policy'])) { headers['Content-Security-Policy'] += ';' }
 if (headers['Content-Security-Policy'].indexOf('frame-ancestors') === -1) {
 // backward compat for those who do not merge the new version of the config
 // when updating. This prevents endless spinner if someone clicks donate.
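Review bot: The added terminator check in setHeaders carries no comment saying why the trailing `;` matters, and `/;$/` only matches a semicolon that is the very last character of the configured policy. The backward-compat branch that follows presumably appends a `frame-ancestors` directive (its body is outside the hunk); without a separator, that text would be parsed as extra source expressions of the operator's last directive, so the framing restriction would silently not apply. I would add `// make sure the policy ends with ';' so a directive appended below is not absorbed into the last one` above the check, and test with `/;\s*$/` so a configured value that ends in `; ` does not pick up a redundant empty directive. The enclosing function starts and ends outside the hunk, so the exact text appended afterwards should be confirmed against the full file.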