Symfony 3.4 http cache , always Cache-Control: max-age=0, must-revalidate, private

Question

I try in annotation

 * @Cache(expires="+10 hours", public=false) 

or in controller

$maxAge = 60*60;
$response->setExpires(Carbon::create()->addHour());
$response->setSharedMaxAge($maxAge);
$response->setPublic();
$response->setMaxAge($maxAge);

And still have Cache-Control: max-age=0, must-revalidate, private

App use sessions, user is login - I want - cache private, but nothing work - I always get this.

I've added FOS\HttpCacheBundle\FOSHttpCacheBundle()

(just add) Have hope to it override symfony cache and allow send cache private - but nothing change.

Answer 1

This behaviour is new as of Symfony 3.4 and 4.0. If a user session has been initialized it will always set the headers as described in your question.

Introduced in Symfony 4.1 you can override this behaviour. However as this is a new feature this will not be backported to Symfony 3.4.

$response->headers->set(AbstractSessionListener::NO_AUTO_CACHE_CONTROL_HEADER, 'true');

You can read about this in the Symfony documentation: HTTP Caching and User Sessions

Answer 2

Probably the best way to do this would be to use Service decoration, but i prefered the dirty way for now.

In my case i just needed the shared cached headers for a specific controller.

Workaroung for Symfony 3.4.*:

Create a listener with lower priority than Symfony\Component\HttpKernel\EventListener\SessionListener in services.yml (don't know if this is recommended):

AppBundle\Listener\ResponseListener:
    tags:
        - { name: kernel.event_listener, event: kernel.response, priority: -1001 }

Then in AppBundle\Listener\ResponseListener:

<?php

namespace AppBundle\Listener;

use Symfony\Component\HttpKernel\Event\FilterResponseEvent;

class ResponseListener
{
    public function onKernelResponse(FilterResponseEvent $event)
    {
        $response = $event->getResponse();

        $controller = $event->getRequest()->attributes->get('_controller');
        $requiredAssetAction = "AppBundle\Controller\Website\AssetsController::assetAction";

        if ($controller == $requiredAssetAction) {
            $response->headers->addCacheControlDirective('max-age', 900);
            $response->headers->addCacheControlDirective('s-maxage', 900);
            $response->headers->addCacheControlDirective('must-revalidate', true);
            $response->headers->addCacheControlDirective('public', true);
            $response->headers->removeCacheControlDirective('private');

        }

        $event->setResponse($response);
    }

}