diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
index 45d44824b15..af52e1a9434 100644
--- a/config/initializers/content_security_policy.rb
+++ b/config/initializers/content_security_policy.rb
@@ -55,7 +55,7 @@
   # Suggested nonce generator doesn't work on first page load https://github.com/rails/rails/issues/48463
   # Related PR attempting to fix: https://github.com/rails/rails/pull/48510
   request.session.send(:load_for_write!) # force session to be created
-  request.session.id.to_s.presence || raise("No session ID available in #{request.inspect}")
+  request.session.id.to_s.presence || SecureRandom.base64(16)
 }
 Rails.application.config.content_security_policy_nonce_directives = %w[script-src style-src]