Category:WASS Page Caching

From OWASP

Disable caching of sensitive pages.

Caching of files is a common mechanism to improve performance, but may have unintended side effects. As described in other requirements, caching may also make it easy for unauthorized users to discover sensitive information.

  1. All pages of the application that contain sensitive information (including the login page) should use HTTP headers or HTML meta tags to direct the browser and network appliances not to cache the data.
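
One way to check this requirement, as an added example that is not part of the OWASP page: a Python audit of a sensitive page's response headers and HTML for caching directives. The function names and sample responses are constructed for illustration, and the choice of `Cache-Control: no-store` as the directive to require is an assumption the page itself does not state.

```python
import re

# Matches <meta http-equiv="Cache-Control|Pragma" ... content="...">
# (assumes http-equiv appears before content, as in the constructed sample).
META_RE = re.compile(
    r'<meta[^>]+http-equiv=["\']?(cache-control|pragma)["\']?[^>]*content=["\']([^"\']*)',
    re.I)

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument or None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def audit_sensitive_response(headers, body=""):
    """Return findings for a sensitive page; an empty list means caching is forbidden."""
    h = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(h.get("cache-control", ""))
    if "no-store" in cc:          # no-store forbids storage by browser and shared caches
        return []
    findings = ["Cache-Control lacks no-store"]
    if "public" in cc:
        findings.append("public lets shared caches store the page")
    for d in ("max-age", "s-maxage"):
        if (cc.get(d) or "").isdigit() and int(cc[d]) > 0:
            findings.append(f"{d}={cc[d]} gives the page a freshness lifetime")
    metas = {n.lower(): c.lower() for n, c in META_RE.findall(body)}
    if "no-store" in metas.get("cache-control", "") or "no-cache" in metas.get("pragma", ""):
        # Network appliances act on response headers; they do not parse the HTML body.
        findings.append("directive is in a meta tag only, invisible to network appliances")
    return findings

# Constructed sample responses (not captured from a real application).
SAMPLES = {
    "/login": ({"Cache-Control": "no-store"}, ""),
    "/account": ({"Cache-Control": "public, max-age=600"}, ""),
    "/statement": ({"Content-Type": "text/html"},
                   '<meta http-equiv="Cache-Control" content="no-store">'),
}

if __name__ == "__main__":
    for path, (hdrs, html) in SAMPLES.items():
        print(path, audit_sensitive_response(hdrs, html) or "OK")
```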
