diff --git a/framework/web/HttpCache.php b/framework/web/HttpCache.php
index b715c32..f64b37f 100644
--- a/framework/web/HttpCache.php
+++ b/framework/web/HttpCache.php
@@ -48,11 +48,9 @@ class HttpCache extends ActionFilter
 	 */
 	public $params;
 	/**
-	 * Http cache control headers. Set this to an empty string in order to keep this
-	 * header from being sent entirely.
-	 * @var string
+	 * @var string HTTP cache control header. If null, the header will not be sent.
 	 */
-	public $cacheControl = 'max-age=3600, public';
+	public $cacheControlHeader = 'Cache-Control: max-age=3600, public';
 
 	/**
 	 * This method is invoked right before an action is to be executed (after all possible filters.)
@@ -62,8 +60,8 @@ class HttpCache extends ActionFilter
 	 */
 	public function beforeAction($action)
 	{
-		$requestMethod = Yii::$app->request->getRequestMethod();
-		if ($requestMethod !== 'GET' && $requestMethod !== 'HEAD' || $this->lastModified === null && $this->etagSeed === null) {
+		$verb = Yii::$app->request->getRequestMethod();
+		if ($verb !== 'GET' && $verb !== 'HEAD' || $this->lastModified === null && $this->etagSeed === null) {
 			return true;
 		}
 
@@ -84,7 +82,9 @@ class HttpCache extends ActionFilter
 		if ($this->validateCache($lastModified, $etag)) {
 			header('HTTP/1.1 304 Not Modified');
 			return false;
-		} elseif ($lastModified !== null) {
+		}
+
+		if ($lastModified !== null) {
 			header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModified) . ' GMT');
 		}
 		return true;
@@ -114,7 +114,9 @@ class HttpCache extends ActionFilter
 	{
 		session_cache_limiter('public');
 		header('Pragma:', true);
-		header('Cache-Control: ' . $this->cacheControl, true);
+		if ($this->cacheControlHeader !== null) {
+			header($this->cacheControlHeader, true);
+		}
 	}
 
 	/**
diff --git a/framework/web/User.php b/framework/web/User.php
index 2ecbcda..fdde60b 100644
--- a/framework/web/User.php
+++ b/framework/web/User.php
@@ -7,49 +7,10 @@
 
 namespace yii\web;
 
+use Yii;
 use yii\base\Component;
 
 /**
- * CWebUser represents the persistent state for a Web application user.
- *
- * CWebUser is used as an application component whose ID is 'user'.
- * Therefore, at any place one can access the user state via
- * <code>Yii::app()->user</code>.
- *
- * CWebUser should be used together with an {@link IUserIdentity identity}
- * which implements the actual authentication algorithm.
- *
- * A typical authentication process using CWebUser is as follows:
- * <ol>
- * <li>The user provides information needed for authentication.</li>
- * <li>An {@link IUserIdentity identity instance} is created with the user-provided information.</li>
- * <li>Call {@link IUserIdentity::authenticate} to check if the identity is valid.</li>
- * <li>If valid, call {@link CWebUser::login} to login the user, and
- *     Redirect the user browser to {@link returnUrl}.</li>
- * <li>If not valid, retrieve the error code or message from the identity
- * instance and display it.</li>
- * </ol>
- *
- * The property {@link id} and {@link name} are both identifiers
- * for the user. The former is mainly used internally (e.g. primary key), while
- * the latter is for display purpose (e.g. username). The {@link id} property
- * is a unique identifier for a user that is persistent
- * during the whole user session. It can be a username, or something else,
- * depending on the implementation of the {@link IUserIdentity identity class}.
- *
- * Both {@link id} and {@link name} are persistent during the user session.
- * Besides, an identity may have additional persistent data which can
- * be accessed by calling {@link getState}.
- * Note, when {@link enableAutoLogin cookie-based authentication} is enabled,
- * all these persistent data will be stored in cookie. Therefore, do not
- * store password or other sensitive data in the persistent storage. Instead,
- * you should store them directly in session on the server side if needed.
- *
- * @property boolean $isGuest Whether the current application user is a guest.
- * @property mixed $id The unique identifier for the user. If null, it means the user is a guest.
- * @property string $name The user name. If the user is not logged in, this will be {@link guestName}.
- * @property string $returnUrl The URL that the user should be redirected to after login.
- * @property string $stateKeyPrefix A prefix for the name of the session variables storing user session data.
  *
  * @author Qiang Xue <qiang.xue@gmail.com>
  * @since 2.0
@@ -120,7 +81,7 @@ class User extends Component
 	public function init()
 	{
 		parent::init();
-		Yii::app()->getSession()->open();
+		Yii::$app->getSession()->open();
 		if ($this->getIsGuest() && $this->enableAutoLogin) {
 			$this->restoreFromCookie();
 		} elseif ($this->autoRenewCookie && $this->enableAutoLogin) {