`mini\Session\SessionMiddleware::applyCacheLimiter()` Method

private

Signature

private function applyCacheLimiter(Psr\Http\Message\ResponseInterface $response): Psr\Http\Message\ResponseInterface

Parameters

Name	Type	Default	Description
`$response`	`Psr\Http\Message\ResponseInterface`	required	Documentation missing

Returns

Psr\Http\Message\ResponseInterface

Documentation

Apply cache control headers based on session.cache_limiter

Prevents caching of responses that set session cookies, which could leak personalized data to other users via CDN/proxy caches.

Always restricts caching - if app set Cache-Control, we make it more restrictive (never less). Setting a session cookie and caching the response is always a bug.

Source

src/Session/SessionMiddleware.php:112-165

← Back to Session\SessionMiddleware