do we need to do anything about headers used for caching??

[komuw]

https://simonhearne.com/2022/caching-header-best-practices/
If we do anything here, we ought to aware of interaction of caching and Authorization http headers: https://httptoolkit.com/blog/bunny-cdn-caching-vulnerability/

Look at all auth headers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication