# Cache-Control: no-store prevents browsers from writing the object
# to disk.  We add 'private' in case there are any public caches
# downstream of Fastly, between us and the browser, which might
# perform request collapsing on public content
set resp.http.Cache-Control = "private, no-store";

# Remove all other caching-related response headers
unset resp.http.Expires;
unset resp.http.ETag;
unset resp.http.Last-Modified;