Work with security headers
Describes the security headers settings in Optimizely Configured Commerce
If you want to increase the security of your Optimizely Configured Commerce site, you can use the Content-Security-Policy header.
Note
You must have the role of ISC_System or ISC_Implementer to edit these options.
You can find this setting under Administration > Settings > Site Configurations > Security Headers in the Admin Console. Content-Security-Policy acts as an added layer of security to prevent cross-site scripting (XSS).
Warning
Incorrectly implementing this setting could break your website.
Updated about 1 month ago