I think I've encountered an issue with the way Cache-Control headers are handled for static assets.
Below are the "Steps to reproduce", "Expected result", and "Actual result".
Steps to reproduce
-------------------------
1. Create a static asset entry in app.yaml:
```
runtime: go
api_version: go1
default_expiration: "1h" # 3600s
- url: /
static_files: public/index.html
upload: public/index.html
mime_type: text/html; charset=UTF-8
secure: always
http_headers:
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
```
2. Deploy to App Engine.
3. Request / URL for custom domain.
Expected Result
----------------------
```
Cache-Control: no-cache
```
Actual Result
------------------
```
Cache-Control: public, max-age=3600
Cache-Control: no-cache
```