Applications generally cache (store temporarily in local memory) some files, such as script files and images, for faster page loading.

For better security, we should not cache web pages containing sensitive information (application data, SSNs, credit card numbers, passwords, etc.).

Test case 1: Browse through the application and report an issue if any page with sensitive information is being cached.

Below are the locations where various browsers store their cache.

IE cache location in Windows 7 & 8:
C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files

Mozilla Firefox cache location in Windows 7: Type “about:cache” in the Firefox address bar to view the cache, or navigate to the location below.
C:\Users\\AppData\Local\Mozilla\Firefox\Profiles\\Cache

Chrome cache location in Windows 7: In a new Chrome tab, enter “chrome://cache/” to view the cache, or navigate to the location below.
C:\Users\bharathi\AppData\Local\Google\Chrome\User Data\Default\Cache

Google Chrome: At the top of the Clear browsing data window, click Advanced. Select the following: Cached images and files. Search for Command Prompt, right-click the top result, and select the Run as administrator option.

Cache headers: HTTP/200 responses are cacheable by default, unless Expires, Pragma, or Cache-Control headers are present and forbid caching. The “Expires” header should have an older date to prevent caching of a page. The “Cache-Control” or “Pragma” header value can be “private” for some static application files, images or JavaScript files. It cannot be “public”, as the public attribute allows the files to be cached anywhere in the network stack (e.g. proxies, gateways), whereas private allows caching only on the user's machine.

Test case 2: Browse through the application with Fiddler or a proxy tool on and observe the cache headers. Report an issue in case a sensitive file is marked as Public.
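Test case 2 can be applied to response headers exported from the proxy. The following Python check is an added example, not part of the original post; the function names, finding labels and sample responses are constructed for illustration, and it follows the page's wording by treating no-store, no-cache, Pragma: no-cache and a past Expires date as forbidding caching.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument}, lowercased."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.lower()] = arg.strip('"')
    return directives

def expires_in_past(value, now):
    """True if Expires is an old date; invalid values such as "0" count as expired."""
    try:
        when = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return True
    if when.tzinfo is None:
        when = when.replace(tzinfo=timezone.utc)
    return when <= now

def audit_response(status, headers, sensitive, now=None):
    """Return finding labels for one captured response (hypothetical labels)."""
    now = now or datetime.now(timezone.utc)
    h = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(h.get("cache-control", ""))
    if not sensitive:
        return []  # static files may be "private" or cached; nothing to report
    # "public" lets shared caches (proxies, gateways) keep the response
    findings = ["public"] if "public" in cc else []
    forbidden = ("no-store" in cc or "no-cache" in cc
                 or "no-cache" in h.get("pragma", "").lower())
    # max-age takes precedence over Expires, so only trust Expires without it
    if not forbidden and "max-age" not in cc and "expires" in h:
        forbidden = expires_in_past(h["expires"], now)
    if status == 200 and not forbidden:
        findings.append("cacheable")  # HTTP/200 is cacheable by default
    return findings

# Constructed sample responses, not captured from a real application
SAMPLES = [
    ("/account", 200, {"Cache-Control": "public, max-age=600"}, True),
    ("/statement", 200, {"Content-Type": "text/html"}, True),
    ("/profile", 200, {"Cache-Control": "no-store", "Pragma": "no-cache"}, True),
    ("/logo.png", 200, {"Cache-Control": "private, max-age=86400"}, False),
]
if __name__ == "__main__":
    for path, status, headers, sensitive in SAMPLES:
        print(path, audit_response(status, headers, sensitive) or "ok")
```

Which URLs count as sensitive is the tester's decision; the script only checks the headers against that label.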