diff --git a/lib/Service/FileService.php b/lib/Service/FileService.php
index a669c609a..2112a30f1 100644
--- a/lib/Service/FileService.php
+++ b/lib/Service/FileService.php
@@ -236,14 +236,15 @@ class FileService implements IAttachmentService {
 		} else {
 			$response = new FileDisplayResponse($file);
 		}
-		if ($file->getMimeType() === 'application/pdf') {
-			// We need those since otherwise chrome won't show the PDF file with CSP rule object-src 'none'
-			// https://bugs.chromium.org/p/chromium/issues/detail?id=271452
-			$policy = new ContentSecurityPolicy();
-			$policy->addAllowedObjectDomain('\'self\'');
-			$policy->addAllowedObjectDomain('blob:');
-			$response->setContentSecurityPolicy($policy);
-		}
+		// We need those since otherwise chrome won't show the PDF file with CSP rule object-src 'none'
+		// https://bugs.chromium.org/p/chromium/issues/detail?id=271452
+		$policy = new ContentSecurityPolicy();
+		$policy->addAllowedObjectDomain('\'self\'');
+		$policy->addAllowedObjectDomain('blob:');
+		$policy->addAllowedMediaDomain('\'self\'');
+		$policy->addAllowedMediaDomain('blob:');
+		$response->setContentSecurityPolicy($policy);
+
 		$response->addHeader('Content-Type', $file->getMimeType());
 		return $response;
 	}
diff --git a/tests/unit/Service/FileServiceTest.php b/tests/unit/Service/FileServiceTest.php
index 57dda5722..e8662b775 100644
--- a/tests/unit/Service/FileServiceTest.php
+++ b/tests/unit/Service/FileServiceTest.php
@@ -272,7 +272,12 @@ class FileServiceTest extends TestCase {
 		$expected = new StreamResponse('fileresource');
 		$expected->addHeader('Content-Type', 'image/jpeg');
 		$expected->addHeader('Content-Disposition', 'inline; filename="' . rawurldecode($file->getName()) . '"');
-
+		$policy = new ContentSecurityPolicy();
+		$policy->addAllowedObjectDomain('\'self\'');
+		$policy->addAllowedObjectDomain('blob:');
+		$policy->addAllowedMediaDomain('\'self\'');
+		$policy->addAllowedMediaDomain('blob:');
+		$expected->setContentSecurityPolicy($policy);
 		$this->assertEquals($expected, $actual);
 	}
 
@@ -305,6 +310,8 @@ class FileServiceTest extends TestCase {
 		$policy = new ContentSecurityPolicy();
 		$policy->addAllowedObjectDomain('\'self\'');
 		$policy->addAllowedObjectDomain('blob:');
+		$policy->addAllowedMediaDomain('\'self\'');
+		$policy->addAllowedMediaDomain('blob:');
 		$expected->setContentSecurityPolicy($policy);
 		$this->assertEquals($expected, $actual);
 	}