[2990] in WWW Security List Archive


Re: browser Cache-Control

daemon@ATHENA.MIT.EDU (David W. Morris)
Thu Sep 19 04:38:35 1996

Date: Wed, 18 Sep 1996 23:48:55 -0700 (PDT)
From: "David W. Morris" <dwm@shell.portal.com>
To: David Kennan <dkennan@lds.com>
cc: www-security@ns2.rutgers.edu
In-Reply-To: <324089A2.6F5F@lds.com>
Errors-To: owner-www-security@ns2.rutgers.edu



On Wed, 18 Sep 1996, David Kennan wrote:

> I am compiling a list of browsers that support
> 
> 1. HTML Tables
> 2. SSL
> 3. 128-bit session encryption
> 4. server-side prevention of browser caching

I think what you plan to collect will be useful, BUT YOU MUST define
much more precisely what you mean by 'browser caching'. There is a
discussion of the difference between a cache and history list mechanism
in the HTTP 1.1 draft/rfc. You might start there.

For example, depending on an application's security requirements, you may
want any one of the following behaviors:

a. No restrictions on browser local storage of and representation of
   results
b. No storage external to the program, RAM OK
c. No storage once the user leaves the page
d. Print disabled
e. Cut/paste disabled

From a UI design perspective, there is quite a distinction between
allowing the user to page back via a history mechanism (which is an 
important electronic alternative to paper) and having a page represented
via a cache when an explicit request is made for the URL. For example,
a user might like to review the result of their book order within the
history cache but would not ever want the order replaced in order to
present the result page again. Caching is a virtual replacement for
replacing a request; the history mechanism is a memory aid.

Typical UAs are not well behaved in their distinction between history of
what was viewed and handling a new request.

In each of these cases, the security issues have an impact. Data should
not be stored on disk if you don't want it stored on disk for security
reasons. If you are concerned about a shared access system, you may not
even want it represented from memory via the History buffer.  OR you
may be willing to allow representation via HISTORY but not by selecting
the link. Etc.

Caching is a term best used to describe substitution of locally stored
information for what would otherwise be a network request.

From a security issues perspective, you need to consider if and how the
information is stored and how it is available to the user. Describing the
problem as caching and preventing it will not result in complete analysis
of the security issues.

Dave Morris
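
The closing point of the message above, that whether a response is stored and whether a stored copy may answer a new request are separate questions, applied to a server's Cache-Control value. This is an added example, not part of the original message; it uses the HTTP/1.1 directives no-store, no-cache, private and max-age, and the function names and sample values are constructed for illustration. It covers only what the header expresses, not history-list behaviour, printing or cut/paste.

```python
import re

# Directive name, optionally followed by =token or ="quoted string".
_DIRECTIVE = re.compile(r'([^\s,="]+)(?:\s*=\s*("[^"]*"|[^\s,]*))?')

def parse_cache_control(value):
    """Return {directive: argument-or-None} for a Cache-Control header value."""
    return {name.lower(): (arg.strip('"') or None)
            for name, arg in _DIRECTIVE.findall(value)}

def assess(value):
    """Answer the two questions separately: may the response be stored,
    and may a stored copy be served for a new request without revalidation?"""
    d = parse_cache_control(value)

    def unqualified(name):
        # no-cache="Field" / private="Field" restrict only the named header
        # fields; only the bare directive applies to the whole response.
        return name in d and d[name] is None

    no_store = "no-store" in d
    try:
        max_age = int(d["max-age"]) if d.get("max-age") is not None else None
    except ValueError:
        max_age = 0  # unparseable freshness lifetime: treat as already stale
    stale_now = max_age is not None and max_age <= 0
    return {
        # no-store is the only directive that forbids keeping a copy at all.
        "may_write_to_disk": not no_store,
        "shared_cache_may_store": not no_store and not unqualified("private"),
        # With no max-age, Expires or heuristic freshness may still allow reuse.
        "reuse_without_revalidation":
            not (no_store or unqualified("no-cache") or stale_now),
    }

if __name__ == "__main__":
    # Constructed sample header values, not taken from any real server.
    for sample in ("no-store", "no-cache", "private, max-age=0",
                   'no-cache="Set-Cookie, X-Session", max-age=300'):
        print(f"{sample!r:50} {assess(sample)}")
```

Note that `no-cache` alone leaves `may_write_to_disk` true: the copy is revalidated before reuse but can still sit on disk, which is the storage question the message asks you to consider separately.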

