Add note advising to not cache Set-Cookie when cookie is used for session identification

[jpcastberg]

Hey! We got bit pretty hard by this issue recently and I thought it would be prudent to add a warning to the documentation.

If the Set-Cookie header is being used to identify users, it is crucial that the header not be cached by mod_cache. If we do cache the cookie, the user identifying cookie (potentially containing unencrypted login credentials) may be given to another user, causing an unintentional session hijacking.

French translations created via Google translate, not verified.

Sources: https://www.apachelounge.com/viewtopic.php?p=43026 https://www.softslate.com/blog/2011/07/apache-modcache-in-real-world.html (See: Bitten by the Cookie) https://confluence.atlassian.com/jirakb/request-assumes-identity-of-another-user-who-logs-in-concurrently-due-to-apache-cacheignoreheaders-226791609.html)