diff --git a/security/views.py b/security/views.py
index 2a6455c..26ccd32 100644
--- a/security/views.py
+++ b/security/views.py
@@ -8,6 +8,8 @@ import logging
 log = logging.getLogger(__name__)
+ACCEPTABLE_CONTENT_TYPES = ['application/json', 'application/csp-report']
+
 def require_ajax(view):
 """
@@ -58,7 +60,7 @@ def csp_report(request, csp_save=False, csp_log=True):
 return HttpResponseForbidden()
 content_type = request.META.get('CONTENT_TYPE', None)
- if content_type != 'application/json':
+ if content_type not in ACCEPTABLE_CONTENT_TYPES:
 log.debug('Missing CSP report Content-Type %s', request.META)
 return HttpResponseForbidden()
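Review bot: `ACCEPTABLE_CONTENT_TYPES`, added in the first hunk, is a mutable module-level list, so any code that imports it can append to it and silently widen what the report endpoint accepts. A tuple keeps the allow-list fixed: `ACCEPTABLE_CONTENT_TYPES = ('application/json', 'application/csp-report')`. A short comment above it would also help, for example `# Media types accepted for CSP violation reports; anything else gets a 403.`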
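Review bot: The new `if content_type not in ACCEPTABLE_CONTENT_TYPES:` test in the second hunk compares the raw header value, so a report sent as `application/csp-report; charset=utf-8`, or with different letter case, still gets a 403 and is lost. Compare only the media type: `media_type = (content_type or '').split(';', 1)[0].strip().lower()` followed by `if media_type not in ACCEPTABLE_CONTENT_TYPES:`. The unchanged debug line below still says "Missing" although the header may simply be unexpected, and it writes the whole of `request.META` to the log, which includes cookie and authorization headers when the client sends them. Logging just `content_type` would be enough there. The body of csp_report starts and ends outside the hunk.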