diff --git a/lib/httplib/httpheaders.go b/lib/httplib/httpheaders.go
index c60af496fb455..d335e23f20488 100644
--- a/lib/httplib/httpheaders.go
+++ b/lib/httplib/httpheaders.go
@@ -99,6 +99,9 @@ func GetDefaultContentSecurityPolicy() string {
 "frame-ancestors 'none'",
 // additional default restrictions
 "object-src 'none'",
+ // auto-pay plans in Cloud use stripe.com to manage billing information
+ "script-src 'self' https://js.stripe.com",
+ "frame-src https://js.stripe.com",
 }, ";")
 }
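Review bot: The two Stripe directives are added to the list returned by GetDefaultContentSecurityPolicy, so, judging by the function name, every response that takes the default policy now allows script and frame loads from `https://js.stripe.com`, although the added comment says only auto-pay plans in Cloud need it. That widens the script-src/frame-src allowlist for deployments and pages that never show billing, and makes a third-party origin part of the trust boundary for the whole UI. I would leave the default list unchanged and append `"script-src 'self' https://js.stripe.com"` and `"frame-src https://js.stripe.com"` only to the policy served for the Cloud billing views (or behind the Cloud feature check), with a test asserting that the default policy string names no external origin. The start of the directive list is outside this hunk, so I cannot see whether a `default-src` entry already restricts scripts; if it does, the explicit `script-src` replaces it for scripts and the two should be reviewed together.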