If you want to increase the security of your Optimizely Configured Commerce site, you can use the Content-Security-Policy header.
You must have the role of ISC_System or ISC_Implementer to edit this option.
You can find this setting under Administration > Settings > Site Configurations > Security Headers in the Admin Console. Content-Security-Policy acts as an added layer of security to prevent cross-site scripting (XSS).
Talk to your partner or developer before implementing this setting as it could break your website.
See Mozilla's Content Security Policy article for information.
Please sign in to leave a comment.