Hello,
I think I've encountered an issue with the way Cache-Control headers are
handled for static assets.
Below are the "Steps to reproduce", "Expected result", and "Actual result".
Steps to reproduce
-------------------------
1. Create a static asset entry in app.yaml:
```
runtime: go
api_version: go1
default_expiration: "1h" # 3600s
- url: /
static_files: public/index.html
upload: public/index.html
mime_type: text/html; charset=UTF-8
secure: always
http_headers:
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache
Content-Security-Policy: default-src 'none'; font-src 'self'
https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com;
img-src 'self'; script-src 'self';
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Link: <https://fonts.gstatic.com>; rel=preconnect
```
2. Deploy to App Engine.
3. Request / URL for custom domain.
Expected Result
----------------------
```
Cache-Control: no-cache
```
Actual Result
------------------
```
Cache-Control: public, max-age=3600
Cache-Control: no-cache
```
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/google-appengine.
To view this discussion on the web visit
https://groups.google.com/d/msgid/google-appengine/e0168a13-ffc7-4a55-8645-7ff43bce4fa1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
