diff --git a/views/bootstrap/class.Bootstrap.php b/views/bootstrap/class.Bootstrap.php
index 444c0bcbc..f43c8ad5d 100644
--- a/views/bootstrap/class.Bootstrap.php
+++ b/views/bootstrap/class.Bootstrap.php
@@ -54,12 +54,13 @@ class SeedDMS_Bootstrap_Style extends SeedDMS_View_Common {
 /* We still need unsafe-eval, because printDocumentChooserHtml and
 * printFolderChooserHtml will include a javascript file with ajax
 * which is evaled by jquery
+ * worker-src blob: is needed for cytoscape
 * X-WebKit-CSP is deprecated, Chrome understands Content-Security-Policy
 * since version 25+
 * X-Content-Security-Policy is deprecated, Firefox understands
 * Content-Security-Policy since version 23+
 */
- $csp_rules = "script-src 'self' 'unsafe-eval';"; // style-src 'self';";
+ $csp_rules = "script-src 'self' 'unsafe-eval'; worker-src blob:;"; // style-src 'self';";
 foreach (array("X-WebKit-CSP", "X-Content-Security-Policy", "Content-Security-Policy") as $csp) {
 header($csp . ": " . $csp_rules);
 }
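Review bot: The added `worker-src blob:;` sits in `$csp_rules`, which the `foreach` below sends with every response that reaches this code, although the new comment says the directive is only needed for cytoscape. Allowing `blob:` as a worker source lets any script already running in the page build a Blob and start a worker from it, and with `'unsafe-eval'` still in `script-src` the policy now contains even less after a script injection. If cytoscape is loaded only on some views (not visible from this hunk), append the directive only for those; also note that the list has no `'self'`, so same-origin worker scripts would be blocked if any view ever uses them. At minimum the comment should record the trade-off, e.g. `* worker-src blob: is needed for cytoscape; this permits blob: workers on every page using this policy`. The enclosing method starts and ends outside the hunk.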