Firebase hosting caches Google Cloud Run requests

Question

So I'm experimenting with Firebase hosting and Google Cloud Run for a web application.

I got a static SPA deployed on firebase hosting, and a rewrite rule to direct all requests starting with /api to my Google Cloud Run service.

My firebase.json file looks like this:

{
  "hosting": {
    "public": "dist",
    "ignore": [
      "firebase.json",
      "**/.*",
      "**/node_modules/**"
    ],
    "rewrites": [
      {
        "source": "**/api/**",
        "run": {
          "serviceId": "myservice-api",  
          "region": "europe-west1"     
        }
      },
      {
        "source": "**",
        "destination": "/index.html"
      }
    ]
  }
}

At first, it seemed like everything worked as expected, all /api requests were handled by my Google Cloud Run service. However I started to notice strange behaviour for some of the requests, as the response returned by the server was not at all what I expected. Looking into it a bit further I noticed that those requests were not showing up in the logs of my Cloud Run service.

So I checked the response headers received by the browser, and noticed that the response was coming from Firebase cache instead of the Cloud Run service:

accept-ranges: bytes
access-control-allow-origin: *
content-length: 245
content-type: application/json
date: Wed, 06 Nov 2019 11:24:32 GMT
server: Google Frontend
status: 200
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 5
x-served-by: cache-cdg20776-CDG

The documentation states:

However, because Cloud Functions and Cloud Run services generate content dynamically, the content for a given URL can vary based on such things as user input or the user's identity. To account for this, requests that are handled by backend code do not cache on the CDN by default.

So I would expect none of the requests going to /api to be cached, ever. Is there something wrong in the way I defined my rewrite rules or should I consider this as an issue in the way Firebase Hosting handles Cloud Run routing ?

UPDATE

Here is the client request in details as shown in Chrome dev tools:

Request URL: https://myproject.web.app/api/users/me
Request Method: GET

Headers:
:authority: myproject.web.app
:method: GET
:path: /api/users/me
:scheme: https
accept: application/json;charset=UTF-8
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9,fr;q=0.8
authorization: Bearer xxx
cookie: G_ENABLED_IDPS=google; G_AUTHUSER_H=0
referer: https://myproject.web.app/auth/login/
sec-fetch-mode: cors
sec-fetch-site: same-origin
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Safari/537.36

The request returns JSON data, here are the response headers returned by the backend when actually handled by Cloud Run:

content-type: application/json
access-control-allow-origin: *
X-Cloud-Trace-Context: eeb4c0dbd22dd46f3c42fbe0b85b6420;o=1
Date: Wed, 06 Nov 2019 11:24:26 GMT
Server: Google Frontend
Content-Length: 240

So there is no specific header set by the server indicating that the response should be cached.

Answer 1

I found the solution ... I added the Cache-Control property in the headers and added two "no-cache" and "no-store" values

for instance:

"headers": [
      { "source":"**/user/**", "headers": [{"key": "Cache-Control", "value": "no-cache, no-store"}] }
    ]