Hi,
it seems that iframe integration stops to work due new headers, maybe you can fix the img-src (you use image-src what's wrong) and at a general iframe-src
like
Code:
content-security-policy="default-src 'self' data: 'unsafe-inline' 'unsafe-eval'; img-src * data:; frame-src * data:"
regards
Markus