ASVS Requirement 14.3.2

• Level: 2
• Chapter: V14 Data Protection
• Section: V14.3 Client-side Data Protection
• Source: 0x23-V14-Data-Protection.md

Description

Verify that the application sets sufficient anti-caching HTTP response header fields (i.e., Cache-Control: no-store) so that sensitive data is not cached in browsers.