Security scanner reported "Cacheable SSL Page Found" for gateway virtual server. The detailed content reported by the scanner is as below:

------------------------------

The application has responded with a response that indicates the page should be cached, but cache controls aren't set (you can set "Cache-Control: no-store" or "Cache-Control: no-cache" or "Pragma: no-cache" to prevent caching). 

------------------------------

The issue can be solved with the following command:

1.Add rewrite action

enable ns feature REWRITE
add rewrite action Add-Cache-act-Pragma insert_http_header Pragma "\"no-cache\"" 
add rewrite action Add-Cache-act insert_http_header Cache-Control "\"no-cache,no-store,must-revalidate\""

2.Add rewrite policy

add rewrite policy Add-CacheCotrol-pol true Add-Cache-act
add rewrite policy Add-Cache-pol_Pragma true Add-Cache-act-Pragma

3.bind the rewrite policy to the gateway virtual server

bind vpn vserver <vserver_name> -policy Add-CacheCotrol-pol -priority 100 -gotoPriorityExpression NEXT -type RESPONSE 
bind vpn vserver <vserver_name> -policy Add-Cache-pol_Pragma -priority 110 -gotoPriorityExpression NEXT -type RESPONSE 

4.Flush old cashed inside NetScaler to avoid NetScaler itself caches the static pages and bypass the above rewrite policy

flush cache ContentGroup ALL

Problem Cause

NetScaler didn't set "no-cache" with Pragma header or "no-store" with Cache-Control header for some static pages.  This is OK as the traffic is SSL and the intermediate device is not possible to decrypt and cache the response. However, the security scanner may take this as a week point.