diff --git a/authentication.go b/authentication.go
index f86c6ca..4faf8f7 100644
--- a/authentication.go
+++ b/authentication.go
@@ -52,7 +52,7 @@ func (a *goBlog) authMiddleware(next http.Handler) http.Handler {
 			return
 		}
 		// Show login form
-		w.Header().Set("Cache-Control", "no-store,max-age=0")
+		w.Header().Set(cacheControl, "no-store,max-age=0")
 		w.Header().Set("X-Robots-Tag", "noindex")
 		h, _ := json.Marshal(r.Header)
 		b, _ := io.ReadAll(io.LimitReader(r.Body, 20*1000*1000)) // Only allow 20 MB
diff --git a/cache.go b/cache.go
index f3a6819..57be8b6 100644
--- a/cache.go
+++ b/cache.go
@@ -19,6 +19,9 @@ import (
 const (
 	cacheLoggedInKey   contextKey = "cacheLoggedIn"
 	cacheExpirationKey contextKey = "cacheExpiration"
+
+	lastModified = "Last-Modified"
+	cacheControl = "Cache-Control"
 )
 
 type cache struct {
@@ -129,13 +132,13 @@ func (a *goBlog) setCacheHeaders(w http.ResponseWriter, cache *cacheItem) {
 	}
 	// Set cache headers
 	w.Header().Set("ETag", cache.eTag)
-	w.Header().Set("Last-Modified", cache.creationTime.UTC().Format(http.TimeFormat))
-	if w.Header().Get("Cache-Control") == "" {
+	w.Header().Set(lastModified, cache.creationTime.UTC().Format(http.TimeFormat))
+	if w.Header().Get(cacheControl) == "" {
 		if cache.expiration != 0 {
-			w.Header().Set("Cache-Control", fmt.Sprintf("public,max-age=%d,stale-while-revalidate=%d", cache.expiration, cache.expiration))
+			w.Header().Set(cacheControl, fmt.Sprintf("public,max-age=%d,stale-while-revalidate=%d", cache.expiration, cache.expiration))
 		} else {
 			exp := a.cfg.Cache.Expiration
-			w.Header().Set("Cache-Control", fmt.Sprintf("public,max-age=%d,s-max-age=%d,stale-while-revalidate=%d", exp, exp/3, exp))
+			w.Header().Set(cacheControl, fmt.Sprintf("public,max-age=%d,s-max-age=%d,stale-while-revalidate=%d", exp, exp/3, exp))
 		}
 	}
 }
@@ -185,7 +188,7 @@ func (c *cache) getCache(key string, next http.Handler, r *http.Request) (item *
 			eTag, _ = getSHA256(bytes.NewReader(body))
 		}
 		lastMod := time.Now()
-		if lm := result.Header.Get("Last-Modified"); lm != "" {
+		if lm := result.Header.Get(lastModified); lm != "" {
 			if parsedTime, te := dateparse.ParseLocal(lm); te == nil {
 				lastMod = parsedTime
 			}
@@ -193,7 +196,7 @@ func (c *cache) getCache(key string, next http.Handler, r *http.Request) (item *
 		// Remove problematic headers
 		result.Header.Del("Accept-Ranges")
 		result.Header.Del("ETag")
-		result.Header.Del("Last-Modified")
+		result.Header.Del(lastModified)
 		// Create cache item
 		exp, _ := cr.Context().Value(cacheExpirationKey).(int)
 		item = &cacheItem{
@@ -205,7 +208,7 @@ func (c *cache) getCache(key string, next http.Handler, r *http.Request) (item *
 			body:         body,
 		}
 		// Save cache
-		if cch := item.header.Get("Cache-Control"); !containsStrings(cch, "no-store", "private", "no-cache") {
+		if cch := item.header.Get(cacheControl); !containsStrings(cch, "no-store", "private", "no-cache") {
 			if exp == 0 {
 				c.c.Set(key, item, item.cost())
 			} else {
diff --git a/captcha.go b/captcha.go
index 30fcf67..d9a6598 100644
--- a/captcha.go
+++ b/captcha.go
@@ -64,7 +64,7 @@ func (a *goBlog) captchaMiddleware(next http.Handler) http.Handler {
 		}
 		// Render captcha
 		_ = ses.Save(r, w)
-		w.Header().Set("Cache-Control", "no-store,max-age=0")
+		w.Header().Set(cacheControl, "no-store,max-age=0")
 		a.renderWithStatusCode(w, r, http.StatusUnauthorized, a.renderCaptcha, &renderData{
 			Data: &captchaRenderData{
 				captchaMethod:  r.Method,
diff --git a/geoTiles.go b/geoTiles.go
index 3d7f20d..c5b0b93 100644
--- a/geoTiles.go
+++ b/geoTiles.go
@@ -27,7 +27,7 @@ func (a *goBlog) proxyTiles(basePath string) http.HandlerFunc {
 			"Accept-Encoding",
 			"Accept-Language",
 			"Accept",
-			"Cache-Control",
+			cacheControl,
 			"If-Modified-Since",
 			"If-None-Match",
 			"User-Agent",
@@ -45,7 +45,7 @@ func (a *goBlog) proxyTiles(basePath string) http.HandlerFunc {
 			"Accept-Ranges",
 			"Access-Control-Allow-Origin",
 			"Age",
-			"Cache-Control",
+			cacheControl,
 			"Content-Length",
 			"Content-Type",
 			"Etag",
diff --git a/go.mod b/go.mod
index 8d95d19..9d8115d 100644
--- a/go.mod
+++ b/go.mod
@@ -55,7 +55,7 @@ require (
 	// master
 	github.com/yuin/goldmark-emoji v1.0.2-0.20210607094911-0487583eca38
 	github.com/yuin/goldmark-highlighting v0.0.0-20210516132338-9216f9c5aa01
-	golang.org/x/crypto v0.0.0-20220128200615-198e4374d7ed
+	golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838
 	golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
 	golang.org/x/text v0.3.7
diff --git a/go.sum b/go.sum
index 8bac388..b16d2bc 100644
--- a/go.sum
+++ b/go.sum
@@ -472,8 +472,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.0.0-20220128200615-198e4374d7ed h1:YoWVYYAfvQ4ddHv3OKmIvX7NCAhFGTj62VP2l2kfBbA=
-golang.org/x/crypto v0.0.0-20220128200615-198e4374d7ed/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838 h1:71vQrMauZZhcTVK6KdYM+rklehEEwb3E+ZhaE5jrPrE=
+golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
diff --git a/media.go b/media.go
index 45f6361..1d4fb92 100644
--- a/media.go
+++ b/media.go
@@ -21,6 +21,6 @@ func (a *goBlog) serveMediaFile(w http.ResponseWriter, r *http.Request) {
 		http.NotFound(w, r)
 		return
 	}
-	w.Header().Add("Cache-Control", "public,max-age=31536000,immutable")
+	w.Header().Add(cacheControl, "public,max-age=31536000,immutable")
 	http.ServeFile(w, r, f)
 }
diff --git a/staticFiles.go b/staticFiles.go
index 7bdc969..ea55059 100644
--- a/staticFiles.go
+++ b/staticFiles.go
@@ -39,6 +39,6 @@ func hasStaticPath(path string) bool {
 
 // Gets only called by registered paths
 func (a *goBlog) serveStaticFile(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("Cache-Control", fmt.Sprintf("public,max-age=%d,s-max-age=%d,stale-while-revalidate=%d", a.cfg.Cache.Expiration, a.cfg.Cache.Expiration/3, a.cfg.Cache.Expiration))
+	w.Header().Set(cacheControl, fmt.Sprintf("public,max-age=%d,s-max-age=%d,stale-while-revalidate=%d", a.cfg.Cache.Expiration, a.cfg.Cache.Expiration/3, a.cfg.Cache.Expiration))
 	http.ServeFile(w, r, filepath.Join(staticFolder, r.URL.Path))
 }
diff --git a/templateAssets.go b/templateAssets.go
index dba9efc..795a43a 100644
--- a/templateAssets.go
+++ b/templateAssets.go
@@ -110,7 +110,7 @@ func (a *goBlog) serveAsset(w http.ResponseWriter, r *http.Request) {
 		a.serve404(w, r)
 		return
 	}
-	w.Header().Set("Cache-Control", "public,max-age=31536000,immutable")
+	w.Header().Set(cacheControl, "public,max-age=31536000,immutable")
 	w.Header().Set(contentType, af.contentType+contenttype.CharsetUtf8Suffix)
 	_, _ = w.Write(af.body)
 }