Document Caching Attack

Forum|Forum|8 years ago
October 17, 2017
1 reply
2416 views

We have our landing pages go through vulnerability scans to test for any vulnerabilities and 'document caching' keeps coming up. This in turn raises our harm score. Are there any additional methods besides HTML markup to disable caching through Marketo? Server settings we can set? The PDFs are not confidential or sensitive in nature, the goal is to reduce the score produced by the vulnerability scans.

Marketo

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

SanfordWhiteman

Level 10

Instead of alarming people with "attack" please explain what you think is a vulnerability.

Homero_Cavazos1Author

Level 2

The scan application defines it as an attack. I have advised my client that the documents in question are not sensitive in nature and the score is not anything to be concerned about. But to satisfy my client's concern I am seeking confirmation from this forum that we/Marketo authors have no control over server configuration for caching assets. Does this make more sense?

SanfordWhiteman

Level 10

That is correct. You have no control over the server headers if you serve assets from Marketo's CDN & origin servers. If you serve them via your own CDN you can tweak the headers to your heart's content.

Since these are not confidential documents, however, the results are irrelevant as the test is merely signaling you that if a doc is intended to be confidential you may wish to make it more ephemeral.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded