Sensitive Data stored in cache.db-wal file?

Question

I am facing an issue in an iOS application that uses a UIWebView to render HTML5 code that is part of the application bundle.

This HTML5 code makes ajax requests to our backend which may potentially have sensitive data in them. This is all done over HTTPS and our application never stores the sensitive data. However, when doing security testing for the application, we found that http post requests where being stored in a local SQL Lite database (cache.db) as of iOS 5.

It was easy to manage that, by setting the NSURLCache global object to have zero disk storage, and deleting the file when appropriate.

Now however, it looks like in iOS 6.1 Apple has changed the implementation again, and the data is being stored in cache.db-wal. I have limited knowledge of SQL Lite, but I think this is a file created when SQL Lite is initialized with certain options.

Any suggestions as to a fix?

Answer 1

After further research, it seems that the suggestion by Hot Licks above was correct, by adding the "no-cache, no-store" value to the HTTP response, the HTTP request values where not logged in the SQLite database.

For example, in ASP.Net MVC:

public ActionResult PostSensitiveData(string data)
{
     Response.Cache.SetCacheability(HttpCacheability.NoCache);
     Response.Cache.SetNoStore();

     return Json(data);
}

Answer 2

The other files created by SQLite (-journal, -wal, -shm) are part of the database itself.

When you delete the cache.db file, also delete any cache.db-* files.

---

To prevent that data gets inserted in the first place, open the database and create some trigger like this on every table:

CREATE TRIGGER MyTable_evil_trigger
BEFORE INSERT ON MyTable
BEGIN
    SELECT RAISE(IGNORE);
END;

(And then check whether the UIWebView blows up when the inserted records don't actually show up …)

Answer 3

You can call

[[NSURLCache sharedURLCache] removeAllCachedResponses] 

This will clear all the cached url calls from the Cache.db file.