diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 2217e2721..2ada87feb 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -11,9 +11,9 @@ ActiveSupport::Reloader.to_prepare do
 policy.font_src :self, :https, :data
 policy.img_src :self, :https, :data, :blob
 policy.object_src :none
- policy.script_src :self, :unsafe_eval, *Extends::EXTERNAL_SERVICES
+ policy.script_src :self, :unsafe_eval, *Extends::EXTERNAL_SCRIPT_SERVICES
 policy.style_src :self, :https, :unsafe_inline, :data
- policy.connect_src :self, :data, *Extends::EXTERNAL_SERVICES
+ policy.connect_src :self, :data, *Extends::EXTERNAL_CONNECT_SERVICES
 # Specify URI for violation reports
 # policy.report_uri "/csp-violation-report-endpoint"
@@ -44,8 +44,8 @@ Rails.application.config.content_security_policy_nonce_directives = %w(script-sr
 Rails.application.configure do
 config.after_initialize do
 if ActiveStorage::Blob.service.name == :amazon
- Extends::EXTERNAL_SERVICES += [ActiveStorage::Blob.service.bucket.url]
- Rails.application.config.content_security_policy.connect_src :self, :data, *Extends::EXTERNAL_SERVICES
+ Extends::EXTERNAL_CONNECT_SERVICES += [ActiveStorage::Blob.service.bucket.url]
+ Rails.application.config.content_security_policy.connect_src :self, :data, *Extends::EXTERNAL_CONNECT_SERVICES
 end
 end
 end
diff --git a/config/initializers/extends.rb b/config/initializers/extends.rb
index a96628aed..a7c38f719 100644
--- a/config/initializers/extends.rb
+++ b/config/initializers/extends.rb
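Review bot: The new `script_src` line keeps `:unsafe_eval`, so every origin in `EXTERNAL_SCRIPT_SERVICES` — now including the marvinjs and reCAPTCHA hosts — may still call `eval`/`new Function`, which limits how much the script/connect split actually tightens the policy. Splitting one allowlist into two also means a host that both serves a script and receives fetch/XHR calls must now appear in both lists; nothing in the hunk shows whether marvinjs or reCAPTCHA need `connect-src` entries, so that is worth checking against CSP violation reports before shipping. A comment on the line would help future readers: `# script hosts only; a service that also needs fetch/XHR must be added to EXTERNAL_CONNECT_SERVICES too`. The `to_prepare` block enclosing these lines starts and ends outside the hunk.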
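Review bot: `Extends::EXTERNAL_CONNECT_SERVICES += [...]` on the new side rebinds a constant rather than mutating it, which prints an "already initialized constant" warning at boot and differs from the `<<` that `extends.rb` uses for the asset-sync origin in this same commit. Appending in place is enough, since `connect_src` is re-applied on the next line: `Extends::EXTERNAL_CONNECT_SERVICES << ActiveStorage::Blob.service.bucket.url`. Whether `bucket.url` yields a bare origin that is valid as a CSP host-source (no path or query) is not visible here; worth confirming with the S3 service in use, since a malformed source is silently ignored by browsers and would leave uploads blocked.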
@@ -589,22 +589,25 @@ class Extends
 'FluicsLabelTemplate' => 'Fluics'
 }
- EXTERNAL_SERVICES = %w(
+ EXTERNAL_SCRIPT_SERVICES = %w(
+ https://marvinjs.chemicalize.com/
+ www.recaptcha.net/
+ www.gstatic.com/recaptcha/
+ )
+
+ EXTERNAL_CONNECT_SERVICES = %w(
 https://www.protocols.io/
 http://127.0.0.1:9100/
- https://marvinjs.chemicalize.com/
 newrelic.com
 *.newrelic.com
 *.nr-data.net
- www.recaptcha.net/
- www.gstatic.com/recaptcha/
 extras.scinote.net
 https://www.scinote.net
 )
- if Constants::ASSET_SYNC_URL && EXTERNAL_SERVICES.exclude?(Constants::ASSET_SYNC_URL)
+ if Constants::ASSET_SYNC_URL && EXTERNAL_CONNECT_SERVICES.exclude?(Constants::ASSET_SYNC_URL)
 asset_sync_url = URI.parse(Constants::ASSET_SYNC_URL)
- EXTERNAL_SERVICES << "#{asset_sync_url.scheme}://#{asset_sync_url.host}:#{asset_sync_url.port}"
+ EXTERNAL_CONNECT_SERVICES << "#{asset_sync_url.scheme}://#{asset_sync_url.host}:#{asset_sync_url.port}"
 end
 COLORED_BACKGROUND_ACTIONS = %w(
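Review bot: The `Constants::ASSET_SYNC_URL` origin is now appended only to `EXTERNAL_CONNECT_SERVICES`, whereas before the split the single list also fed `script_src`; if the asset host serves the application's JS bundles, `<script src>` tags pointing at it will be blocked unless they carry a nonce, so the origin should go into both lists, e.g. `EXTERNAL_SCRIPT_SERVICES << "#{asset_sync_url.scheme}://#{asset_sync_url.host}:#{asset_sync_url.port}"` right after the existing `<<`. The `exclude?` guard compares the raw URL against a list that only ever receives the normalized `scheme://host:port` string, so it cannot catch the duplicate it appears to guard against; checking the normalized value instead would make the guard meaningful. Both new lists are left unfrozen because boot code appends to them, which is fine but deserves a one-line comment such as `# mutated at boot (asset sync, ActiveStorage bucket); keep unfrozen`. The `class Extends` body holding these constants starts and ends outside the hunk.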