Add Vary header to prevent caching routes with different content types

Such as the /me route, which can be requested by the browser for its
frontend HTML or its backend JSON, but the browser should not cache
either and return it for the other one.

Fixes #888.

Author: carols10cents

config/nginx.conf.erb

@@ -47,6 +47,7 @@ http {
 
 		location / {
 			add_header Strict-Transport-Security "max-age=31536000" always;
+            add_header Vary 'Accept, Accept-Encoding, Cookie';
 			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 			proxy_set_header Host $http_host;
 			proxy_redirect off;