diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9fa7a6729..c21caa910 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,6 +5,7 @@
 - Updated typescript to v4.6.3
 - Webpack overlay will now report eslint issues
 - Linted all code according to eslint rules
+- Fix a bug: Refused to connect to 'wss://localhost:3035/ws' when using a https tunnel in development mode
 
 ## v5.3.7 2022 March 28
 
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 0c70b1579..a92544780 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -7,7 +7,7 @@
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
 
 Rails.application.config.content_security_policy do |policy| #   # If you are using webpack-dev-server then specify webpack-dev-server host
-  policy.connect_src :self, :https, 'http://localhost:3035', 'ws://localhost:3035' if Rails.env.development?
+  policy.connect_src :self, :https, :wss, 'http://localhost:3035', 'ws://localhost:3035' if Rails.env.development?
 
 #   policy.default_src :self, :https
 #   policy.font_src    :self, :https, :data