Hi,
We built an application using Apex 5.0, and we got the subject vulnerability during the scan we ran to make sure our application is secure.
Applications should return caching directives instructing browsers not to store local copies of any sensitive data. Often, this can be achieved by configuring the web server to prevent caching for relevant paths within the web root. Alternatively, most web development platforms allow you to control the server's caching directives from within individual scripts. Ideally, the web server should return the following HTTP headers in all responses containing sensitive content:
- Cache-control: no-store
- Pragma: no-cache
Query:
We need to know the procedure or process to fix this.
Has anyone faced this and found an option to rectify it?
What other possible options can we use?
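
One way to confirm that a response carries the two headers quoted from the scan finding, as an added example that is not part of the original post. The function name `caching_findings` and the sample responses are constructed for illustration; the check treats a missing `Pragma: no-cache` as a finding because the quoted recommendation lists it.

```python
"""Check raw HTTP response headers for the anti-caching directives listed above."""
from email.parser import Parser  # stdlib parser; header-name lookups are case-insensitive


def caching_findings(raw_response: str) -> list:
    """Return a list of problems; an empty list means both directives are present."""
    # Drop the status line, then parse what remains as a header block.
    header_block = "\n".join(raw_response.splitlines()[1:])
    msg = Parser().parsestr(header_block, headersonly=True)

    # A response may carry several Cache-Control headers, so merge every directive.
    cache_directives = set()
    for value in msg.get_all("Cache-Control", []):
        for part in value.split(","):
            # Keep only the directive name, e.g. "max-age=0" -> "max-age".
            cache_directives.add(part.split("=", 1)[0].strip().lower())

    pragma = {p.strip().lower()
              for value in msg.get_all("Pragma", [])
              for p in value.split(",")}

    findings = []
    # no-cache alone still allows a stored copy; only no-store forbids storing it.
    if "no-store" not in cache_directives:
        findings.append("Cache-Control lacks no-store")
    if "no-cache" not in pragma:
        findings.append("Pragma lacks no-cache")
    return findings


# Constructed sample responses (not captured from a real application).
GOOD = ("HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
        "cache-control: no-store\r\nPragma: no-cache\r\n\r\n")
WEAK = "HTTP/1.1 200 OK\r\nCache-Control: no-cache, max-age=0\r\n\r\n"
SPLIT = ("HTTP/1.1 200 OK\r\nCache-Control: private\r\n"
         "Cache-Control: max-age=0, No-Store\r\nPragma: no-cache\r\n\r\n")

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("WEAK", WEAK), ("SPLIT", SPLIT)):
        print(name, caching_findings(sample) or "ok")
```

Feed it the header block saved from a response to each page that shows sensitive data, before and after the configuration change.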