diff --git a/group_vars/all.yml b/group_vars/all.yml
index 1398d229c..8f48e4908 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -36,7 +36,7 @@ httpd_csp:
   lenient_with_static_img_with_oidcng: "default-src; object-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self' {{ oidcng_vhost }}; img-src 'self' {{ static_vhost }} data:; form-action 'self'; base-uri 'none'"
   strict: "default-src; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; img-src 'self' data:; form-action 'self'; base-uri 'none'"
   strict_with_static_img: "default-src; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; img-src 'self' {{ static_vhost }} data:; form-action 'self'; base-uri 'none'"
-  lenient_with_static_img_for_idp: "default-src; object-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; img-src 'self' {{ static_vhost }} data:; form-action 'self' *.{{ base_domain }}; base-uri 'none'"
+  lenient_with_static_img_for_idp: "default-src; object-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self' {{ oidcng_vhost }}; img-src 'self' {{ static_vhost }} data:; form-action 'self' *.{{ base_domain }}; base-uri 'none'"
 
   nothing: "default-src 'none'; frame-ancestors 'none'; form-action 'none'; base-uri 'none'"