diff --git a/static/Caddyfile b/static/Caddyfile
index b355ad4..0640323 100644
--- a/static/Caddyfile
+++ b/static/Caddyfile
@@ -33,9 +33,10 @@ http://static-mat-services.fly.dev/ {
     # keep referrer data off of HTTP connections
     Referrer-Policy strict-origin-when-cross-origin
     # content security policy
+    # style-src: 'unsafe-inline' is currently enabled for syntax highlighting in codefences
     Content-Security-Policy "default-src 'none';
       img-src 'self';
-      style-src 'self' https://cdn.jsdelivr.net/;
+      style-src 'self' https://cdn.jsdelivr.net/ 'unsafe-inline';
       font-src 'self' https://cdn.jsdelivr.net/;
       frame-ancestors 'none';
       base-uri 'none';