diff --git a/app/templating/AssetHelper.scala b/app/templating/AssetHelper.scala
index 05b4ce3b4d..7942ed1e2d 100644
--- a/app/templating/AssetHelper.scala
+++ b/app/templating/AssetHelper.scala
@@ -101,10 +101,8 @@ trait AssetHelper { self: I18nHelper =>
 )
 }

- def defaultCsp(implicit ctx: Context): ContentSecurityPolicy = {
- implicit val req = ctx.req
- basicCsp.withNonce(ctx.nonce)
- }
+ def defaultCsp(implicit ctx: Context): ContentSecurityPolicy =
+ basicCsp(ctx.req).withNonce(ctx.nonce)

 def embedJsUnsafe(js: String)(implicit ctx: Context): Html = Html {
 s""""""
diff --git a/modules/common/src/main/ContentSecurityPolicy.scala b/modules/common/src/main/ContentSecurityPolicy.scala
index 4db049f194..e58450ae20 100644
--- a/modules/common/src/main/ContentSecurityPolicy.scala
+++ b/modules/common/src/main/ContentSecurityPolicy.scala
@@ -49,11 +49,8 @@ case class ContentSecurityPolicy(
 "child-src " -> childSrc,
 "img-src " -> imgSrc,
 "script-src " -> scriptSrc
- ) filter {
- case (_, sources) =>
- sources.nonEmpty
- } map {
- case (directive, sources) =>
+ ) collect {
+ case (directive, sources) if sources.nonEmpty =>
 sources.mkString(directive, " ", ";")
 } mkString (" ")
 }
diff --git a/modules/common/src/main/Nonce.scala b/modules/common/src/main/Nonce.scala
index 0017013b70..b48a836c44 100644
--- a/modules/common/src/main/Nonce.scala
+++ b/modules/common/src/main/Nonce.scala
@@ -1,7 +1,5 @@
 package lila.common

-import java.security.SecureRandom
-
 import ornicar.scalalib.Random

 case class Nonce(value: String) extends AnyVal {
@@ -10,9 +8,5 @@ case class Nonce(value: String) extends AnyVal {
 }

 object Nonce {
- def random: Nonce = {
- val bytes = new Array[Byte](15)
- new SecureRandom().nextBytes(bytes)
- Nonce(bytes.toBase64)
- }
+ def random: Nonce = Nonce(Random.secureString(20))
 }
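Review bot: In ContentSecurityPolicy.scala, the `collect` body still joins each source list into the header value with `sources.mkString(directive, " ", ";")` without checking the entries, so a source containing `;`, `,` or whitespace would silently add an extra source or start a new directive. Nothing in this hunk shows where the lists come from; if any of them can carry configuration or request-derived values, a guard such as `require(!sources.exists(_.exists(c => c == ';' || c == ',' || c.isWhitespace)))` before the join would keep the policy well-formed. The enclosing method starts above the hunk.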
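Review bot: In Nonce.scala, the unpredictability of the CSP nonce in `Nonce.random` now depends entirely on `Random.secureString`, whose implementation is outside this diff, and the bare `20` no longer says how much entropy is intended. The removed code drew 15 bytes (120 bits) from `SecureRandom`; 20 characters are comparable only if the helper is CSPRNG-backed and draws from roughly 62 symbols, which is inferred from the name rather than visible here. I would record the contract above the definition, e.g. `// CSP nonce: Random.secureString must be CSPRNG-backed; confirm its alphabet keeps 20 chars at >= ~120 bits`. It may also be worth lengthening the string so the nonce reaches the 128 bits that CSP Level 3 recommends.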