If you want to increase the security of your Optimizely Configured Commerce site, you can use the Content-Security-Policy header.
You must have the role of ISC_System or ISC_Implementer to edit this option.
You can find this setting under Administration > Settings > Site Configurations > Security Headers in the Admin Console. Content-Security-Policy acts as an added layer of security to prevent cross-site scripting (XSS).
Talk to your partner or developer before implementing this setting as it could break your website.