Content Security Policy doesn't work in older Samsung TV

I have a Tizen widget wich pointed to my hosted app URL. 

I'm using this config to whitelist some domains that I use in my app:

<access origin="http:://my-domain" subdomains="true"></access>


However, this doesn't seem to work in Samsung 2020 TV, and Samsung advises me to use Content-Security-Policy instead.
So I follow the advice and use this in my config instead:

       default-src 'self' *.my-domain


This works wonder in Samsung 2020, but now my app opened in a windowed browser in older Samsung tvs.

What is the solution that's compatible for all Samsung TVs?

Edited by: Sagala on 15 May, 2020