Santandersecurityresearch/DrHeader

Add accepted value for cache-control header in default policy

pealtrufo opened this issue · 1 comment

Currently, the only accepted value for the cache-control header as per the default policy is 'no-cache, no-store, must-revalidate'.

We've received a suggestion to also allow as a valid value: 'no-cache, no-store, must-revalidate, max-age=0'

Would it be possible to modify the default policy to allow either of these two values?

As per the Mozilla standard for preventing caching, https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control#preventing_caching, we're now changing the default value to 'no-store, max-age=0'.

It can still be overridden as needed, to support legacy browsers for instance.
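An added example, not DrHeader's code and not part of the thread: a directive-level Cache-Control check in Python that treats the new default `no-store, max-age=0` as a set of required directives, so the longer value suggested in the issue also passes while the old default is flagged for the missing `max-age=0`. The `REQUIRED` policy shape and the function names are assumptions made for illustration.

```python
# Added example: directive-level Cache-Control check (hypothetical helper, not DrHeader's API).

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument-or-None}, names lowercased."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue  # tolerate empty list elements such as a trailing comma
        name, sep, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') if sep else None
    return directives

# Assumed policy shape: each directive must be present; a non-None value must match exactly.
REQUIRED = {"no-store": None, "max-age": "0"}

def check_cache_control(value, required=REQUIRED):
    """Return a list of findings; an empty list means the header satisfies the policy."""
    if value is None:
        return ["Cache-Control header is missing"]
    seen = parse_cache_control(value)
    findings = []
    for name, arg in required.items():
        if name not in seen:
            findings.append(f"missing directive: {name}")
        elif arg is not None and seen[name] != arg:
            findings.append(f"{name} must be {arg}, got {seen[name]}")
    return findings

if __name__ == "__main__":
    # Constructed sample header values, including the ones quoted in the issue.
    samples = [
        "no-store, max-age=0",
        "no-cache, no-store, must-revalidate, max-age=0",
        "no-cache, no-store, must-revalidate",
        "No-Store,  Max-Age=0",
        "no-store, max-age=3600",
        None,
    ]
    for header in samples:
        result = check_cache_control(header)
        print(repr(header), "->", "PASS" if not result else result)
```
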