If you want to increase the security of your Optimizely Configured Commerce site, you can use the Content-Security-Policy header.
You must have the role of ISC_System or ISC_Implementer to edit these options.
You can find this setting under Administration > Settings > Site Configurations > Security Headers in the Admin Console. Content-Security-Policy acts as an added layer of security to prevent cross-site scripting (XSS).
Incorrectly implementing this setting could break your website.
Updated about 2 months ago