diff --git a/core/avatar/avatarcontroller.php b/core/avatar/avatarcontroller.php
index 9eb7069166e4f065182f49402e7b7e5fb3685c2a..5ddd80c45af7de44ea42ba1c7887ea7ef8e4c340 100644
--- a/core/avatar/avatarcontroller.php
+++ b/core/avatar/avatarcontroller.php
@@ -209,8 +209,7 @@ class AvatarController extends Controller {
 
 		$resp = new DataDisplayResponse($image->data(),
 				Http::STATUS_OK,
-				['Content-Type' => $image->mimeType(),
-				 'Pragma' => 'public']);
+				['Content-Type' => $image->mimeType()]);
 
 		$resp->setETag(crc32($image->data()));
 		$resp->cacheFor(0);
diff --git a/lib/public/appframework/http/response.php b/lib/public/appframework/http/response.php
index 8fd5fdd8f537271cc15585831aeecf3c5440fc0c..f6c9460ff156d1fccefd084818cbb6e889d25508 100644
--- a/lib/public/appframework/http/response.php
+++ b/lib/public/appframework/http/response.php
@@ -94,7 +94,7 @@ class Response {
 			$this->addHeader('Cache-Control', 'max-age=' . $cacheSeconds .
 				', must-revalidate');
 		} else {
-			$this->addHeader('Cache-Control', 'no-cache, must-revalidate');
+			$this->addHeader('Cache-Control', 'no-cache, no-store, must-revalidate');
 		}
 
 		return $this;
diff --git a/tests/lib/appframework/http/ResponseTest.php b/tests/lib/appframework/http/ResponseTest.php
index 77e9441b52cad59e8483f3fc1adb5d2ad0bb026a..c8b79fbd8b6b28eaf4287acb97de052a442f7742 100644
--- a/tests/lib/appframework/http/ResponseTest.php
+++ b/tests/lib/appframework/http/ResponseTest.php
@@ -221,7 +221,7 @@ class ResponseTest extends \Test\TestCase {
 		$this->childResponse->cacheFor(0);
 
 		$headers = $this->childResponse->getHeaders();
-		$this->assertEquals('no-cache, must-revalidate', $headers['Cache-Control']);
+		$this->assertEquals('no-cache, no-store, must-revalidate', $headers['Cache-Control']);
 	}