Why Retrieved from Cache can be dangerous
‘Retrieved from Cache’ means that the content was retrieved from a shared cache. If the data in the HTTP response is sensitive, personal or user-specific, this may result in sensitive information being leaked. This can allow hackers to take complete control of another user's session.
How to fix Retrieved from Cache
Make sure the HTTP response does not contain any sensitive, personal or user-specific data where possible. If it does contain such data, consider using the ‘Cache-Control’, ‘Pragma’ and ‘Expires’ HTTP response headers. This will limit or prevent the content from being stored in the cache and retrieved by another user.
Example:
Cache-Control: no-cache, no-store, must-revalidate, private
Pragma: no-cache
Expires: 0
How does ScanRepeat report Retrieved from Cache
ScanRepeat analyzes every HTTP response it receives to check whether the data was actually served from the cache. To do that, it reads the value of the ‘X-Cache’ header of the HTTP response. ScanRepeat reports every URL that has been proved to have been served from a shared cache.
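The same kind of check can be run against your own responses. The following is an added example, not ScanRepeat's code: it reads ‘X-Cache’ and ‘Cache-Control’ and classifies responses that carry user-specific data. The function names, the `sensitive` flag and the sample responses are constructed for illustration, and the rule that a "HIT" or "*_HIT" token means a cache hit is an assumption, since ‘X-Cache’ values are not standardized.

```python
# Added example (not ScanRepeat's code). X-Cache is not standardized; treating
# "HIT" / "*_HIT" tokens as a cache hit is an assumption based on common proxies.

def parse_cache_control(value):
    """Return the set of lower-cased Cache-Control directive names."""
    names = (part.split("=", 1)[0].strip().lower() for part in (value or "").split(","))
    return {n for n in names if n}


def served_from_cache(headers):
    """True if X-Cache reports a hit. Expects lower-cased header names."""
    tokens = headers.get("x-cache", "").lower().replace(",", " ").split()
    return any(t == "hit" or t.endswith("_hit") for t in tokens)


def audit(headers, sensitive):
    """Classify one response. `sensitive` is the caller's judgement of the body."""
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    directives = parse_cache_control(h.get("cache-control"))
    # 'no-store' and 'private' both forbid a shared cache from storing the response.
    protected = bool(directives & {"no-store", "private"})
    if not sensitive:
        return "ok"
    if served_from_cache(h):
        return "served-from-cache"  # user-specific data came out of a cache
    if not protected:
        return "cacheable"          # not cached yet, but nothing prevents it
    return "ok"


# Constructed sample responses: (URL, response headers, sensitive?)
SAMPLES = [
    ("/account", {"X-Cache": "HIT from proxy.example",
                  "Cache-Control": "public, max-age=600"}, True),
    ("/profile", {"X-Cache": "MISS", "Cache-Control": "max-age=60"}, True),
    ("/orders", {"X-Cache": "MISS",
                 "Cache-Control": "no-cache, no-store, must-revalidate, private",
                 "Pragma": "no-cache", "Expires": "0"}, True),
    ("/logo.png", {"X-Cache": "TCP_HIT",
                   "Cache-Control": "public, max-age=86400"}, False),
]

if __name__ == "__main__":
    for url, headers, sensitive in SAMPLES:
        print(f"{url:10} {audit(headers, sensitive)}")
```

A "cacheable" result means the response was not served from a cache this time, but neither ‘no-store’ nor ‘private’ is present to stop a shared cache from storing it.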