Caching data "to disk" or to temp files can lead to what HP Fortify would consider a security hole. If you see Cache-Control: no-cache in the header of a request in Fiddler you have the problem. This touches on what to do about it and it looks to me like a mix of IIS settings and Web.config settings.
No comments:
Post a Comment