diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 9797185fd..4c841ec47 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -40,6 +40,7 @@ Rails.application.config.content_security_policy do |policy|
 frame_whitelist << URI(MATOMO_IFRAME_URL).host if Rails.application.secrets.matomo[:enabled]
 # allow pdf iframes in the PJ gallery
 frame_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present?
+ frame_whitelist << "*.crisp.help" if Rails.application.secrets.crisp[:enabled]
 policy.frame_src(:self, *frame_whitelist)
 # Everything else: allow us
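Review bot: The added `frame_whitelist << "*.crisp.help"` entry lets `frame-src` accept every subdomain of crisp.help, whereas the two neighbouring entries each pin a single host taken from a configured URL. crisp.help appears to be the shared domain under which Crisp hosts each customer's helpdesk, so the wildcard would also allow framing pages published by unrelated tenants. I would pin the one helpdesk host this application embeds, following the existing pattern, e.g. `frame_whitelist << URI(CRISP_HELPDESK_URL).host if Rails.application.secrets.crisp[:enabled]` (`CRISP_HELPDESK_URL` is a placeholder name, not a constant visible in this hunk). A short comment above the line, such as `# allow the Crisp helpdesk iframe`, would match the comment on the PJ gallery entry. The `content_security_policy` block starts and ends outside the hunk, so where these iframes are rendered is not visible here.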