Uploaded image for project: 'Xporter for Jira Cloud'
  1. Xporter for Jira Cloud
  2. XPORTERCLOUD-2244

AMS-22141 - Xporter has failed the caching security requirement

    XporterXMLWordPrintable

Details

    • OK

    Description

      Description

       
      Xporter has failed the Application security requirement 7.3

      • An application must disable caching on all HTTPS pages that contain sensitive data by using no-cache and no-storeinstead of private in the cache control header.

      Evidence:
      The HTTP response was found to contain no Cache-Control header. An example response below shows no Cache-Control header returned by the server. This was to the /auditlogs endpoint.

      Mitigation Recommendation
      Ensure the application disable caching on all HTTPS pages that contain sensitive data by using no-cache and no-store instead of private in the cache control header.

      Attachments

        Issue Links

          Activity

            People

              nikhil.diwan Nikhil Diwan
              bernardo.cottim Bernardo Cottim
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: