
Category:WASS Page Caching


Disable caching of sensitive pages.

Caching of files is a common mechanism to improve performance, but may have unintended side effects. As described in other requirements, caching may also make it easy for unauthorized users to discover sensitive information.

  1. All pages of the application that contain sensitive information (including the login page) should use HTTP headers or HTML meta tags to direct the browser or network appliances not to cache the data.
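
One way to check this requirement against a captured response, as an added example that is not part of the original wiki page. The function names, result labels and sample responses are constructed for illustration, and the policy that only a `Cache-Control: no-store` response header counts as a pass is an assumption of this example.

```python
from html.parser import HTMLParser

def parse_cache_control(value):
    """Split a Cache-Control value into a {directive: argument} dict."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip('"')
    return directives

class MetaCollector(HTMLParser):
    """Collects <meta http-equiv="..." content="..."> pairs from a page."""
    def __init__(self):
        super().__init__()
        self.equiv = {}

    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}
        if tag == "meta" and "http-equiv" in attrs:
            self.equiv[attrs["http-equiv"].lower()] = attrs.get("content", "")

def audit_caching(headers, body=""):
    """Classify one response of a sensitive page; 'ok' means the header forbids storing."""
    h = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(h.get("cache-control", ""))
    if "no-store" in cc:
        return "ok"
    if "no-cache" in cc or "no-cache" in h.get("pragma", "").lower():
        return "revalidate-only"   # a cache may still keep a stored copy
    meta = MetaCollector()
    meta.feed(body)
    meta_cc = parse_cache_control(meta.equiv.get("cache-control", ""))
    if meta_cc.keys() & {"no-store", "no-cache"} or "pragma" in meta.equiv:
        return "meta-only"         # inside the HTML body, not in the response headers
    return "cacheable"

# Constructed sample responses (not taken from any real application).
SAMPLES = {
    "/login": ({"Cache-Control": "no-store"}, "<html></html>"),
    "/account": ({"Cache-Control": "private, no-cache, max-age=0"}, ""),
    "/statement": ({}, '<meta http-equiv="Cache-Control" content="no-store">'),
    "/profile": ({"Cache-Control": "public, max-age=3600"}, ""),
}

if __name__ == "__main__":
    for path, (hdrs, html) in SAMPLES.items():
        print(f"{path:12} {audit_caching(hdrs, html)}")
```

Any result other than `ok` for a page that carries sensitive data is a finding to fix in the server's response headers.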
