This plugin analyzes every HTTPS response and reports instances of incorrect cache control which might lead the user’s browser to cache sensitive contents on their system. The expected headers for HTTPS responses are:
- Pragma: No-cache
- Cache-control: No-store
This plugin doesn’t have any user configured options.
For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code
This plugin has no dependencies.