Try adding
<!--Security Policy-->
<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' https://*/">
To the head area of your page. You may also have to add the full web url / path to some Actions, like below:
<!--Security Policy-->
<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' https://www.DOMAIN.COM/dmxConnect/api/Access/AccessUserArea/AccessUserArea.php https://*/">
Domains separated by a space only, no commas.
You may also have to add or edit the following in your config.xml file
<access origin="https://DOMAIN.COM/dmxConnect/api/Access/LoginAccess.php"/>
Or you could just try with:
<access origin="https://*/*"/>