diff --git a/library/Icinga/Web/Controller/ActionController.php b/library/Icinga/Web/Controller/ActionController.php
index 00af3ba74..17228abad 100644
--- a/library/Icinga/Web/Controller/ActionController.php
+++ b/library/Icinga/Web/Controller/ActionController.php
@@ -6,6 +6,7 @@ namespace Icinga\Web\Controller;
 use Icinga\Application\Modules\Module;
 use Icinga\Common\PdfExport;
 use Icinga\File\Pdf;
+use Icinga\Util\Csp;
 use Icinga\Web\View;
 use ipl\I18n\Translation;
 use Zend_Controller_Action;
@@ -171,6 +172,10 @@ class ActionController extends Zend_Controller_Action
             $this->redirectToLogin(Url::fromRequest());
         }
 
+        if (! $this->isXhr() && $this->Config()->get('security', 'use_strict_csp', false)) {
+            Csp::createNonce();
+        }
+
         $this->view->tabs = new Tabs();
         $this->prepareInit();
         $this->init();
diff --git a/library/Icinga/Web/Response.php b/library/Icinga/Web/Response.php
index 7772b3d6d..6dcd2dcaf 100644
--- a/library/Icinga/Web/Response.php
+++ b/library/Icinga/Web/Response.php
@@ -3,6 +3,8 @@
 
 namespace Icinga\Web;
 
+use Icinga\Application\Config;
+use Icinga\Util\Csp;
 use Zend_Controller_Response_Http;
 use Icinga\Application\Icinga;
 use Icinga\Web\Response\JsonResponse;
@@ -370,6 +372,10 @@ class Response extends Zend_Controller_Response_Http
             if ($redirectUrl !== null) {
                 $this->setRedirect($redirectUrl->getAbsoluteUrl());
             }
+
+            if (Csp::getStyleNonce() && Config::app()->get('security', 'use_strict_csp', false)) {
+                Csp::addHeader($this);
+            }
         }
 
         if (! $this->getHeader('Content-Type', true)) {
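Review bot: The strict-CSP switch is read with the same three literals in two places, here as `$this->Config()->get('security', 'use_strict_csp', false)` and again in the Response.php hunk as `Config::app()->get('security', 'use_strict_csp', false)`; a single predicate on the Csp class that both callers use (a proposed `Csp::isStrictCspEnabled()`, for instance) keeps the two sites from drifting if the option is renamed or its default changes. The value is also used bare in a boolean context, so whatever `Config::get()` hands back for a setting written as `0`, `false` or `off` decides whether a nonce is created — confirm the INI layer normalises it to a bool, or compare against an explicit value. A short why-comment would help the next reader, e.g. `// Strict CSP needs a per-request nonce; only full (non-XHR) page loads get one`. The enclosing method starts before and ends after this hunk.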
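Review bot: The CSP header is attached only when `Csp::getStyleNonce()` is truthy, so any response that did not pass through ActionController's pre-dispatch with a nonce created — XHR requests by design, and presumably whatever error or early-exit paths bypass the controller — goes out without the header even though `use_strict_csp` is on; if that is intended, record it: `// CSP header only accompanies responses that carry a nonce (non-XHR controller requests)`, otherwise check the config first and let `Csp::addHeader()` decide what to emit without a nonce. Evaluating the cheap config flag before the nonce lookup, `if (Config::app()->get('security', 'use_strict_csp', false) && Csp::getStyleNonce())`, also reads as "feature enabled, then state present". The enclosing block and method start outside the hunk.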