diff --git a/app/Http/Middleware/AddContentSecurityPolicy.php b/app/Http/Middleware/AddContentSecurityPolicy.php
index 92be6a6..8c911a5 100644
--- a/app/Http/Middleware/AddContentSecurityPolicy.php
+++ b/app/Http/Middleware/AddContentSecurityPolicy.php
@@ -24,8 +24,9 @@ class AddContentSecurityPolicy
 "style-src 'self' 'unsafe-inline' http: https:; " .
 "connect-src 'self' ws: http: https:;";
 } else {
- // Production CSP - Livewire v3 requires unsafe-eval
- $csp = "script-src 'self' 'unsafe-eval' https:; " .
+ // Production CSP - Livewire v3 requires unsafe-eval and nonce for inline scripts
+ $nonce = csp_nonce();
+ $csp = "script-src 'self' 'unsafe-eval' 'nonce-{$nonce}' https:; " .
 "style-src 'self' 'unsafe-inline' https:; " .
 "connect-src 'self' https:;";
 }
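Review bot: The production `script-src` on the new `$csp` line still carries the `https:` scheme source, so the nonce only governs inline scripts while external script may load from any HTTPS origin; together with `'unsafe-eval'` that leaves the policy broad. Consider listing the hosts the application really loads script from instead, e.g. `$csp = "script-src 'self' 'unsafe-eval' 'nonce-{$nonce}' https://<ASSET_HOST_PLACEHOLDER>; " .`. The definition of `csp_nonce()` is not visible here: it needs to return one unpredictable value per response, the same value that is rendered on the Livewire and asset script tags, and responses carrying it should not be served from a shared cache. The enclosing method starts and ends outside this hunk.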