{
  "id": "S037",
  "name": "Configure comprehensive cache headers to prevent sensitive data leakage",
  "category": "security",
  "description": "S037 - Configure comprehensive cache headers (Cache-Control: no-store, no-cache, must-revalidate, Pragma: no-cache, Expires: 0) for sensitive responses to avoid caching sensitive data in browsers or intermediaries.",
  "severity": "warning",
  "enabled": true,
  "semantic": {
    "enabled": true,
    "priority": "medium",
    "fallback": "heuristic"
  },
  "patterns": {
    "include": ["**/*.js", "**/*.ts", "**/*.jsx", "**/*.tsx"],
    "exclude": [
      "**/*.test.js",
      "**/*.test.ts",
      "**/*.spec.js",
      "**/*.spec.ts",
      "**/node_modules/**",
      "**/dist/**",
      "**/build/**"
    ]
  },
  "analysis": {
    "approach": "symbol-based-primary",
    "fallback": "regex-based",
    "depth": 1,
    "timeout": 4000
  },
  "validation": {
    "headerSetters": ["setHeader", "set", "header"],
    "required": {
      "Cache-Control": ["no-store", "no-cache", "must-revalidate"],
      "Pragma": ["no-cache"],
      "Expires": ["0"]
    },
    "sensitiveIndicators": [
      "session",
      "auth",
      "token",
      "jwt",
      "csrf",
      "user",
      "profile",
      "payment",
      "account"
    ]
  }
}