diff --git a/apps/susimail/src/js/folder.js b/apps/susimail/src/js/folder.js
index b7646fa1e..bb6948b9f 100644
--- a/apps/susimail/src/js/folder.js
+++ b/apps/susimail/src/js/folder.js
@@ -40,7 +40,7 @@ function addClickHandler2(elem)
 		var form = document.forms[0];
 		form.delete.disabled = false;
 		form.markall.disabled = true;
-		form.clearselection.disabled = true;
+		form.clearselection.disabled = false;
 		var buttons = document.getElementsByClassName("delete1");
 		for(index = 0; index < buttons.length; index++)
 		{
@@ -57,7 +57,7 @@ function addClickHandler3(elem)
 		var form = document.forms[0];
 		form.delete.disabled = true;
 		form.markall.disabled = false;
-		form.clearselection.disabled = false;
+		form.clearselection.disabled = true;
 		var buttons = document.getElementsByClassName("delete1");
 		for(index = 0; index < buttons.length; index++)
 		{
diff --git a/apps/susimail/src/src/i2p/susi/webmail/WebMail.java b/apps/susimail/src/src/i2p/susi/webmail/WebMail.java
index 05bbdbc57..50e1ae511 100644
--- a/apps/susimail/src/src/i2p/susi/webmail/WebMail.java
+++ b/apps/susimail/src/src/i2p/susi/webmail/WebMail.java
@@ -2011,7 +2011,7 @@ public class WebMail extends HttpServlet
 		httpRequest.setCharacterEncoding("UTF-8");
 		response.setCharacterEncoding("UTF-8");
                 response.setHeader("X-Frame-Options", "SAMEORIGIN");
-                response.setHeader("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; media-src 'none'");
+                response.setHeader("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; media-src 'none'");
                 response.setHeader("X-XSS-Protection", "1; mode=block");
 		response.setHeader("X-Content-Type-Options", "nosniff");
 		response.setHeader("Referrer-Policy", "no-referrer");