Workerpark is committed to protecting the security and privacy of our website users. We use Content Security Policy (CSP) to help prevent cross-site scripting (XSS) attacks and other security threats that can compromise the confidentiality, integrity, and availability of our users' data.

I. What is CSP?

CSP is a security standard that allows website owners to control which resources (such as scripts, stylesheets, and images) are allowed to be loaded on their web pages.
By implementing CSP, we can help prevent malicious actors from injecting and executing malicious code on our website.

II. Our CSP Policy

Our CSP policy is based on the following directives:

• "default-src: self" - To only allow resources from our own domain to be loaded.
• "script-src: self" - To only allow scripts from our own domain to be executed.
• "style-src: self" - To only allow styles from our own domain to be applied.
• "img-src: self data:" - To only allow images from our own domain to be loaded.
• "font-src: self" - To only allow fonts from our own domain to be loaded.
• "object-src: self" - To only allow plugin content from our own domain to be loaded.
• "frame-ancestors: self" - To only allow embedding of our website on our own domain.

III. Testing and Monitoring

We regularly test and monitor our CSP policy to ensure that it is working as intended and providing the highest level of security for our users. If you notice any issues or have any questions about our CSP policy, please contact us at contact@workerpark.com.

IV. Changes to this CSP Policy

We may update this CSP policy from time to time to reflect changes in our business or security requirements. We will notify you of any changes by updating this page and/or by sending you an email notification.