diff --git a/packages/web/next.config.js b/packages/web/next.config.js
index 0e815ab2e..b27ce07c3 100644
--- a/packages/web/next.config.js
+++ b/packages/web/next.config.js
@@ -2,9 +2,15 @@ const ContentSecurityPolicy = `
   default-src 'self';
   base-uri 'self';
   block-all-mixed-content;
+<<<<<<< Updated upstream
   connect-src 'self' ${process.env.NEXT_PUBLIC_SERVER_BASE_URL} proxy-prod.omnivore-image-cache.app accounts.google.com proxy-demo.omnivore-image-cache.app storage.googleapis.com api.segment.io cdn.segment.com widget.intercom.io js.intercomcdn.com api-iam.intercom.io wss://nexus-websocket-a.intercom.io platform.twitter.com;
   font-src 'self' data: cdn.jsdelivr.net;
   form-action 'self' ${process.env.NEXT_PUBLIC_SERVER_BASE_URL} https://getpocket.com/auth/authorize;
+=======
+  connect-src 'self' ${process.env.NEXT_PUBLIC_SERVER_BASE_URL} proxy-prod.omnivore-image-cache.app accounts.google.com proxy-demo.omnivore-image-cache.app storage.googleapis.com api.segment.io cdn.segment.com widget.intercom.io api-iam.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://nexus-europe-websocket.intercom.io wss://nexus-australia-websocket.intercom.io platform.twitter.com;
+  font-src 'self' data: cdn.jsdelivr.net https://js.intercomcdn.com https://fonts.intercomcdn.com;
+  form-action 'self' ${process.env.NEXT_PUBLIC_SERVER_BASE_URL} https://getpocket.com/auth/authorize https://intercom.help https://api-iam.intercom.io https://api-iam.eu.intercom.io https://api-iam.au.intercom.io;
+>>>>>>> Stashed changes
   frame-ancestors 'none';
   frame-src self accounts.google.com platform.twitter.com www.youtube.com www.youtube-nocookie.com;
   manifest-src 'self';
@@ -12,6 +18,7 @@ const ContentSecurityPolicy = `
   style-src 'self' 'unsafe-inline' accounts.google.com cdnjs.cloudflare.com;
   img-src 'self' blob: data: https:;
   worker-src 'self' blob:;
+  media-src: https://js.intercomcdn.com
 `
 
 const moduleExports = {