diff --git a/src/wp-includes/rest-api/class-wp-rest-server.php b/src/wp-includes/rest-api/class-wp-rest-server.php
index 2c46fd8..628dac7 100644
--- a/src/wp-includes/rest-api/class-wp-rest-server.php
+++ b/src/wp-includes/rest-api/class-wp-rest-server.php
@@ -237,6 +237,21 @@ class WP_REST_Server {
 		$this->send_header( 'Access-Control-Allow-Headers', 'Authorization' );
 
 		/**
+		 * Send nocache headers on authenticated requests.
+		 *
+		 * @since 4.4.0
+		 *
+		 * @param bool $rest_send_nocache_headers Whether to send no-cache headers.
+		 */
+		$send_no_cache_headers = apply_filters( 'rest_send_nocache_headers', is_user_logged_in() );
+		var_dump($send_no_cache_headers);
+		if ( $send_no_cache_headers ) {
+			foreach ( wp_get_nocache_headers() as $header => $header_value ) {
+				$this->send_header( $header, $header_value );
+			}
+		}
+
+		/**
 		 * Filter whether the REST API is enabled.
 		 *
 		 * @since 4.4.0
diff --git a/tests/phpunit/includes/spy-rest-server.php b/tests/phpunit/includes/spy-rest-server.php
index c90ac2f..9a1b78a 100644
--- a/tests/phpunit/includes/spy-rest-server.php
+++ b/tests/phpunit/includes/spy-rest-server.php
@@ -1,6 +1,10 @@
 <?php
 
 class Spy_REST_Server extends WP_REST_Server {
+
+	public $sent_headers = array();
+	public $sent_body = '';
+
 	/**
 	 * Get the raw $endpoints data from the server
 	 *
@@ -20,4 +24,16 @@ class Spy_REST_Server extends WP_REST_Server {
 	public function __call( $method, $args ) {
 		return call_user_func_array( array( $this, $method ), $args );
 	}
+
+	public function send_header( $header, $value ) {
+		$this->sent_headers[ $header ] = $value;
+	}
+
+	public function serve_request( $path = null ) {
+
+		ob_start();
+		$result = parent::serve_request( $path );
+		$this->sent_body = ob_get_clean();
+		return $result;
+	}
 }
diff --git a/tests/phpunit/tests/rest-api/rest-server.php b/tests/phpunit/tests/rest-api/rest-server.php
index c9431f0..33e3f24 100644
--- a/tests/phpunit/tests/rest-api/rest-server.php
+++ b/tests/phpunit/tests/rest-api/rest-server.php
@@ -619,4 +619,30 @@ class Tests_REST_Server extends WP_Test_REST_TestCase {
 		$this->assertContains( 'test/example', $namespaces );
 		$this->assertContains( 'test/another', $namespaces );
 	}
+
+	public function test_nocache_headers_on_authenticated_requests() {
+		$editor = self::factory()->user->create( array( 'role' => 'editor' ) );
+		$request = new WP_REST_Request( 'GET', '/', array() );
+		wp_set_current_user( $editor );
+
+		$result = $this->server->serve_request('/');
+		$headers = $this->server->sent_headers;
+
+		foreach ( wp_get_nocache_headers() as $header => $value ) {
+			$this->assertTrue( isset( $headers[ $header ] ), sprintf( 'Header %s is not present in the response.', $header ) );
+			$this->assertEquals( $value, $headers[ $header ] );
+		}
+	}
+
+	public function test_no_nocache_headers_on_unauthenticated_requests() {
+		$editor = self::factory()->user->create( array( 'role' => 'editor' ) );
+		$request = new WP_REST_Request( 'GET', '/', array() );
+
+		$result = $this->server->serve_request('/');
+		$headers = $this->server->sent_headers;
+
+		foreach ( wp_get_nocache_headers() as $header => $value ) {
+			$this->assertFalse( isset( $headers[ $header ] ) && $headers[ $header ] === $value, sprintf( 'Header %s is set to nocache.', $header ) );
+		}
+	}
 }