BUGFIX: caching fixes

src/EventSubscriber/CacheHeadersSubscriber.php

@@ -0,0 +1,37 @@
+<?php
+
+namespace App\EventSubscriber;
+
+use Symfony\Component\DependencyInjection\ParameterBag\ContainerBagInterface;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpKernel\Event\ResponseEvent;
+use Symfony\Component\HttpKernel\KernelEvents;
+
+class CacheHeadersSubscriber implements EventSubscriberInterface
+{
+    private $params;
+
+    public function __construct(ContainerBagInterface $params)
+    {
+        $this->params = $params;
+    }
+
+    public function onResponse(ResponseEvent $event)
+    {
+        $response = $event->getResponse();
+        $response->headers->addCacheControlDirective('max-age', 900);
+        $response->headers->addCacheControlDirective('s-maxage', 900);
+        $response->headers->addCacheControlDirective('must-revalidate', true);
+        $response->headers->addCacheControlDirective('public', true);
+        $response->headers->removeCacheControlDirective('private');
+
+        $event->setResponse($response);
+    }
+
+    public static function getSubscribedEvents()
+    {
+        return [
+            KernelEvents::RESPONSE => 'onResponse'
+        ];
+    }
+}

src/EventSubscriber/SecurityHeadersSubscriber.php

@@ -24,6 +24,8 @@ class SecurityHeadersSubscriber implements EventSubscriberInterface
         $referer = $securitypolicy['referer_policy'];
         $response->headers->set("Content-Security-Policy", $csp);
         $response->headers->set("Referrer-Policy", $referer);
+
+        $event->setResponse($response);
     }
 
     public static function getSubscribedEvents()