Vulnerability
Description
Inadequate caching settings can lead to sensitive information being stored locally on clients or proxies. Ensure that the cache-control header is properly configured for all resources.
Recommendation
To prevent unauthorized caching, set the cache-control HTTP header to ‘no-cache, no-store, must-revalidate’. For public assets, consider setting ‘public, max-age, immutable’ instead.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
