I've posted into the issue tracker as well. Not 100% certain if this will be considered a defect but it seems like it probably should be.
On Wednesday, 17 January 2018 21:03:02 UTC-3, Nathan Fisher wrote: > > Hello, > > I think I've encountered an issue with the way Cache-Control headers are > handled for static assets. > > Below are the "Steps to reproduce", "Expected result", and "Actual result". > > Steps to reproduce > ------------------------- > > 1. Create a static asset entry in app.yaml: > > ``` > runtime: go > api_version: go1 > > default_expiration: "1h" # 3600s > > - url: / > static_files: public/index.html > upload: public/index.html > mime_type: text/html; charset=UTF-8 > secure: always > http_headers: > Strict-Transport-Security: max-age=31536000; includeSubDomains; preload > Cache-Control: no-cache > Content-Security-Policy: default-src 'none'; font-src 'self' > https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com; > img-src 'self'; script-src 'self'; > Referrer-Policy: same-origin > X-Content-Type-Options: nosniff > X-Frame-Options: deny > X-Permitted-Cross-Domain-Policies: none > X-XSS-Protection: 1; mode=block > Link: <https://fonts.gstatic.com>; rel=preconnect > ``` > 2. Deploy to App Engine. > 3. Request / URL for custom domain. > > Expected Result > ---------------------- > ``` > Cache-Control: no-cache > ``` > > Actual Result > ------------------ > ``` > Cache-Control: public, max-age=3600 > Cache-Control: no-cache > ``` > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/3b9ba03d-1a04-4994-bc08-19dd8561ef47%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
