diff --git a/app/__init__.py b/app/__init__.py
index 2d574b13f..89dacf76b 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -170,13 +170,13 @@ def _csp(config):
             "https://dap.digitalgov.gov",
             "https://cdn.socket.io",
         ],
-        "connect-src": [
+        "connect-src": list(dict.fromkeys([
             "'self'",
             "https://gov-bam.nr-data.net",
             "https://www.google-analytics.com",
             f"{api_public_url}",
             f"{api_public_ws_url}",
-        ],
+        ])),
         "style-src": ["'self'", asset_domain],
         "img-src": ["'self'", asset_domain],
     }
diff --git a/app/config.py b/app/config.py
index d200f7d21..68b780290 100644
--- a/app/config.py
+++ b/app/config.py
@@ -12,8 +12,8 @@ class Config(object):
     NOTIFY_APP_NAME = "admin"
     NOTIFY_ENVIRONMENT = getenv("NOTIFY_ENVIRONMENT", "development")
     API_HOST_NAME = getenv("API_HOST_NAME", "localhost")
-    API_PUBLIC_URL = getenv("API_PUBLIC_URL", "http://localhost")
-    API_PUBLIC_WS_URL = getenv("API_PUBLIC_WS_URL", "ws://localhost")
+    API_PUBLIC_URL = getenv("API_PUBLIC_URL", "localhost")
+    API_PUBLIC_WS_URL = getenv("API_PUBLIC_WS_URL", "localhost")
 
     ADMIN_BASE_URL = getenv("ADMIN_BASE_URL", "http://localhost:6012")
     HEADER_COLOUR = "#81878b"  # mix of dark-grey and mid-grey