+ if (ini_get("session.use_cookies")) {
+ $response->addHeader("Vary", "cookie");
+ }
+ $response->addHeader("Cache-Control",
+ new Params([
+ "private" => true,
+ "must-revalidate" => true,
+ "max-age" => ini_get("session.cache_expire") * 60
+ ])
+ );