In your etc/apache/conf.d/security.conf
In the IfModule mod_headers.c section.
Header always set Content-Security-Policy .... ; frame-ancestors 'self' www.checkmk.de; ....
Worst case child-src 'self' www.checkmk.de
2 Likes