How to setup Content-security-policy settings for a grid loaded in external iframe

Hi, I have Applications that will be loaded using an iframe on a WIX hosted website. I had to add a Content-Security-Policy into the Scriptcase Applications that are used on that site. The initial page loads now but the ‘Refined Search’ links don’t do anything. Also, clicking on the linked Applications (Entry Name or Racer) return an error “Invalid Data”. Any insight into what I might be doing wrong would be appreciated.

Here’s what I added to the Content-Security-Policy in each application.

frame-ancestors https: https://www.raamrace.org https://www.raceacrossamerica.org https://raceacrossamerica.org;
script-src ‘self’ ‘unsafe-inline’ ‘unsafe-eval’ https://www.raamrace.org https://www.raceacrossamerica.org https://raceacrossamerica.org;

My WIX page with the iframe is here. https://www.raamrace.org/copy-of-race-roster
I also setup an iframe example on the same server and it works. https://www.raceacrossamerica.org/raamweb/iframe_entries.html