Cache Poisoning Analyzer
Test HTTP headers for potential web cache poisoning vulnerabilities
Test Configuration
Enter the URL you want to test for cache poisoning vulnerabilities
| Header Name | Value | Actions |
|---|---|---|
Test Results
Understanding Web Cache Poisoning
What is Web Cache Poisoning?
Web cache poisoning is an attack where an attacker exploits the behavior of a web server and cache to serve malicious content to other users. This occurs when the cache stores responses based on certain request attributes (the cache key) but the response content is influenced by other attributes not included in the cache key.
Key Concepts
- Cache Keys: Request components used to determine if a response is cached (e.g., URL, Host header)
- Unkeyed Inputs: Request components that affect the response but aren't part of the cache key
- Cache Poisoning: Occurs when an attacker manipulates unkeyed inputs to store a malicious response in the cache
- Cache Busting: Using unique query parameters to bypass the cache and test different payloads
Prevention Techniques
- Include all request headers that affect the response in the cache key
- Disable caching for responses that include user-specific or sensitive content
- Implement proper input validation for all headers that affect the response
- Use cache purging mechanisms to quickly remove poisoned content
- Consider using Cache-Control: private for sensitive resources
Note: This tool provides a simulation of how different headers might affect caching behavior. Real-world cache behavior can vary significantly between different CDNs, reverse proxies, and caching systems.