In your app’s Environment details, go to tab ‘Network’, tab Http headers and add a value for ‘Content-Security-Policy’:
Read documentation on this: https://docs.mendix.com/developerportal/deploy/environments-details#http-headers
for example: