Can someone tell show me how to code the Response object to specify Cache-Control, Expires and Pragma headers? After I Auth:logout a user, the browser back button shows the previous session screens from the browser cache.
I never do that. The fact that a back button shows pages from cache is by design. Disabling cache on all pages do prevent users using the back button has an adverse affect on performance, and will cause a reload on using the back-button, which might have very nasty side effects you have to take into account in your application.
I don't have a problem with users using that button. Since the session is no longer there, as soon as the user tries to do something the lack of authorisation makes sure nothing can happen.
Having said that, to be able to set custom headers on the Response, you need access to the Reponse object. Which you have in your index.php, but if you do it there, you'll do it for all responses.
In controllers, the response is crafted automatically (in most cases) in the after() method of the base controller you extend. Which means you will have to create your own after() method, which calls the parent to construct the response, and add headers to it before returning it. You can do this in your individual controllers, or use your own base controller in which you do this.
Donate
