It looks like the PHP is smart enough to add these headers by himself...
Have a look at this parameter in your php.ini : "session.cache-limiter".
It should be equal to "nocache".
In the php manual :
you can read :
"Setting the cache limiter to nocache disallows any client/proxy caching".
(you can verify it with your http://[q2a-website]/index.php page )
So letting the php to manage by himself the client caching issues of its pages, you can modify your directive to not manage anymore them (that is : exclude .php extensions from the match - they are already handled) :
Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"
Header set Pragma "no-cache"
The http responses containing blobs ("special" php requests) should now be correctly handled by the qa-include/qa-blob.php that at line 55 forces the caching headers programmatically to allow browsers and proxies to cache the blobs.
It should work.....
to test always use "enter" or navigate "correctly" following the urls of your website, that is : never make a browser page refresh (F5). After every server side configuration you change, you should restart Apache and clear your browser cache before testing :-)