Hi,
I have the penetration issue about Insecure browser caching, Could you please suggest us the solution to prevent the attacker able to get sensitive data (details page) in cache files? The testing result shown that a sensitive data was store in the client side cache.
Recently, I implemented the solution to add Header action that founded in the forum (reference URL: https://www.outsystems.com/forums/discussion/51579/how-to-prevent-cache-in-web-page/)
but it still didn't pass the penetration test.
Thank you in advance.
I guess this link from OWASP and other explaining each attributes can give you a north how to do it.
https://is.gd/jVSpSA
https://is.gd/erSsSj