Understanding Our Cache and the Web Cache Deception Attack

What's this blog post about?

Security researcher Omer Gil has identified a new type of attack, the Web Cache Deception attack, which targets websites that use reverse proxies like Cloudflare and are misconfigured in a particular way. The attack involves tricking users into visiting malicious URLs that appear legitimate but whose responses can be cached by the reverse proxy, exposing sensitive content. To defend against this attack, website owners should make their site less permissive, so that it never treats a request to a nonexistent path as equivalent to a request to its valid parent path. Cloudflare has outlined its cache logic in two phases, eligibility and disqualification, each with specific rules that determine whether a request is cached.

Company
Cloudflare

Date published
April 14, 2017

Author(s)
Joshua Liebow-Feeser

Word count
1617

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.