Jump to: navigation, search

http-security Section

Configures HTTP security for Co-browse resources.


Default value: false
Valid Values: true, false
Changes take effect: Immediately

Disables HTTP client / proxy caching for all resources including static resources. When the option value is set to true, ZAP proxy does not generate the following warnings:

  • Incomplete or no cache-control and pragma HTTPHeader set (Low Risk)
  • Secure page browser cache (Medium Risk)

When the option is set to false or has no set value:

  • Static resources are cached according to the option values set in the static-web-resources section.
  • Dynamic data exchange is not cached.
  • Proxied resources are cached in accordance with caching policy of the original resources.

More information can be found here:

This page was last edited on March 2, 2018, at 17:55.
Comments or questions about this documentation? Contact us for support!