Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Work with security headers

Describes the security headers settings in Optimizely Configured Commerce

If you want to increase the security of your Optimizely Configured Commerce site, you can use the Content-Security-Policy header.



You must have the role of ISC_System or ISC_Implementer to edit these options.

You can find this setting under AdministrationSettingsSite ConfigurationsSecurity Headers in the Admin Console. Content-Security-Policy acts as an added layer of security to prevent cross-site scripting (XSS).



Incorrectly implementing this setting could break your website.