diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php
index f2f60af751f..dd21524e7c2 100644
--- a/htdocs/admin/system/security.php
+++ b/htdocs/admin/system/security.php
@@ -574,7 +574,8 @@ print '
';
print 'MAIN_SECURITY_FORCERP = '.getDolGlobalString('MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').' ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so browser doesn't send any referrer when going into another web site domain)
";
print '
';
-print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP', ''.$langs->trans("Undefined").'').' ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
";
+print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP', ''.$langs->trans("Undefined").'');
+print ' ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
";
print '
';
print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').' ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
";