diff --git a/nginx.conf b/nginx.conf
index 18a3f1453..1db8fea3f 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -39,7 +39,7 @@ http {
 index index.html index.htm;
 add_header Cache-Control "no-cache";
- add_header Content-Security-Policy "default-src 'self'; connect-src https://api.ipa.ucdavis.edu https://dw.dss.ucdavis.edu; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
+ add_header Content-Security-Policy "default-src 'self'; connect-src https://api.ipa.ucdavis.edu https://dw.dss.ucdavis.edu; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://www.youtube.com;";
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
 add_header X-Content-Type-Options "nosniff";
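Review bot: The new `frame-src 'self' https://www.youtube.com;` on the added `add_header Content-Security-Policy` line allows framing any page on that origin; if only embedded players are needed, a path-scoped source such as `frame-src 'self' https://www.youtube.com/embed/;` is narrower (CSP ignores the path part after a redirect, so this is a tightening rather than a guarantee). The same line still carries `'unsafe-inline'` and `'unsafe-eval'` in `script-src`, which this commit leaves as is and which weakens the policy against script injection far more than the frame change does. The header is also set without the `always` parameter, so nginx does not attach it to most error responses, and a nested block that declares its own `add_header` will not inherit it; the rest of the configuration is outside the hunk, so this may already be handled elsewhere. A short comment above the line, e.g. `# frame-src: YouTube embeds used by <feature>`, would record why the third-party origin is allowed.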