ong
ong copied to clipboard
do we need to do anything about headers used for caching??
https://simonhearne.com/2022/caching-header-best-practices/
If we do anything here, we ought to aware of interaction of caching and Authorization http headers: https://httptoolkit.com/blog/bunny-cdn-caching-vulnerability/
Look at all auth headers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication