Effective Date: July 2026
At Directory One, security is a core part of our commitment to providing a safe, reliable, and trustworthy experience for our users. To help protect our website and visitors from common web-based threats, we implement a Content Security Policy (CSP) alongside other industry-standard security measures.
A Content Security Policy (CSP) is a web security standard enforced by modern browsers. It defines which sources of content are permitted to load and execute on our website, helping prevent malicious code from being injected into web pages.
By restricting untrusted content, CSP significantly reduces the risk of attacks such as:
Our Content Security Policy is designed to strengthen website security while maintaining a seamless browsing experience. It helps us:
CSP is one of several security controls we use to safeguard our website and user experience.
When you visit Directory One, your browser receives security instructions that determine which resources are allowed to load. Depending on our current website configuration, these rules may apply to:
Resources originating from unauthorized or untrusted sources may be automatically blocked by the browser in accordance with our security policy.
This Content Security Policy applies to all publicly accessible pages, applications, and digital services owned and operated by Directory One unless otherwise stated.
The policy governs browser-delivered resources, including but not limited to website scripts, stylesheets, images, fonts, media files, embedded content, APIs, and other web assets delivered through supported browsers.
Directory One implements Content Security Policy controls to support the following objectives:
Our security controls are regularly evaluated and may be modified as our infrastructure, technologies, regulatory obligations, or security requirements evolve.
Where technically appropriate, Directory One configures browser security policies to restrict the loading of website resources to approved origins and trusted service providers.
Depending on website functionality, these resources may include:
Authorized sources may include Directory One infrastructure, trusted cloud service providers, content delivery networks (CDNs), analytics providers, payment processors, communication platforms, and other third-party services required for legitimate website operation.
Our security policies are designed to minimize the execution of unsafe or unauthorized content whenever possible. Depending on operational requirements, our implementation may restrict:
These restrictions help reduce the attack surface while maintaining normal website functionality.
Our Content Security Policy may include technical directives intended to enhance browser security, including, where applicable:
The specific directives implemented may change without prior notice as part of ongoing security maintenance, infrastructure updates, or operational requirements.
We continuously review and improve our website's security practices. Where applicable, CSP violations and other security events may be monitored to identify potential threats, improve our defenses, and maintain the integrity of our services.
Content Security Policy configurations may be updated periodically to:
Such updates may be implemented without prior notice where necessary to protect the security of our systems and users.
If you believe you have discovered a security vulnerability or suspicious activity related to our website, we encourage responsible disclosure by contacting us.
Certain website features may depend upon third-party platforms or vendors to provide functionality, analytics, communication services, payment processing, security services, mapping technologies, content delivery, or other operational capabilities.
Where feasible, Directory One evaluates such providers before permitting their resources within applicable Content Security Policy configurations. However, Directory One does not control the security practices, availability, or operational policies of independent third-party organizations.
Users accessing third-party content remain subject to the applicable terms, privacy policies, and security practices of those providers.
While Content Security Policy provides an important layer of protection, no single security measure can eliminate every possible threat. Directory One employs multiple security practices, regular monitoring, and ongoing updates to help maintain a secure environment for our users.
As our website evolves, our Content Security Policy and related security configurations may also change. This page may be updated periodically to reflect improvements to our security practices and compliance requirements. We encourage visitors to review this page from time to time for the latest information.
If you have any questions about this Content Security Policy or our website security practices, please contact us through our Contact Us page. We appreciate your trust in Directory One and remain committed to maintaining a secure and dependable online experience for all visitors.