Incomplete or No Cache-control and Pragma HTTP Header Set

Type: Passive Scan

Description

The cache-control and pragma HTTP header have not been set properly or are missing allowing the browser and proxies to cache content.

Solution

Whenever possible ensure the cache-control HTTP header is set with no-cache, no-store, must-revalidate; and that the pragma HTTP header is set with no-cache.

References

Code

Last updated: 2020-04-30 16:12:39.623Z