You might be on place re: details leakage and This could be an essential consideration for anyone rolling their own individual authentication/authorization plan. +one for mentioning OWASP. When viewing the response headers from CloudFront, note the X-Cache: (strike/overlook) and Age: (how much time in the past this certain page was http://pigpgs.com
