Missing or Insecure Cache-Control Header
Impact: Informational
Description
Web cache or HTTP cache is a system for optimizing the web. Browsers cache contents of a resource once and reuse it on consequent requests. Caching images on the web can boost page load time. But clients should not be allowed to cache pages that display sensitive, dynamic, or user specific contents.
Recommendation
Set any of following headers to prevent clients from caching the page.
Cache-Control: no-cache, no-store
Cache-Control: max-age=0, must-revalidate
Cache-Control: private
References
👉 You might also like:
X-Powered-By Header Found - Vulnerability
PHP Version Disclosure - Vulnerability
Unreferenced Login Page Found - Vulnerability
ASP.NET Version Disclosure - Vulnerability
Last updated on April 10, 2022