CSA in iframe

Hello,

We have an application portal that references all our tools, like HCM (CSA/OO)
By clicking on a link, the application opens in this portal within an iframe.
The problem is that CSA does not natively allow to be called in an iframe :

We tried to modify some files in node_modules / mpp-ui / dist  by adding thix code Content-Security-Policy "content =" default-src 'self' https://myportal-ppr.ad.com; " without success.
Does anyone know how to allow iframe mode in CSA? 
Thanks