Testing for Browser Cache Weaknesses
OWASP Web Security Testing Guide 4.2 > 4. Authentication Testing > 4.6. Testing for Browser Cache Weaknesses
ID | Link to Hackinglife | Link to OWASP | Description |
---|---|---|---|
4.6 | WSTG-ATHN-06 | Testing for Browser Cache Weaknesses | - Review if the application stores sensitive information on the client-side. - Review if access can occur without authorization. - Check browser history issue by clicking "Back" button after logging out. - Check browser cache issue from HTTP response headers (Cache-Control: nocache) |