Cache-control header from origin not respected

I am trying to access a resource that does not exist on my origin server. But Cloudflare caches the first request. Even though the server’s response indicates not to cache, using the cache-control header.

The cache-control header was tested with the values:

  • no-cache
  • max-age = 0
  • no-cache, max-age = 0
  • no-store

The result was the same, for all of them. I share the response and container logs. Where only request the first time.

curl test:

 ~  curl -I https://whoami.*************.com/b.js
HTTP/2 404
date: Tue, 20 Jul 2021 03:35:06 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLpBEtdXw0g41P1sQIqiffKQM8oG7Oc617AgyiGVPm%2FYzI730RUy9cdexBRaklp8iOAm0i4ljoxApCuZmcN4P2Mz7eg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 671923339dab3262-GYE

 ~  curl -I https://whoami.*************.com/b.js
HTTP/2 404
date: Tue, 20 Jul 2021 03:35:09 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FpJlxKwpGdI7krQOA5RL5DtBGe5DjHKKyjs9JIpO%2BXKmo8%2FxZ7chY7irOznFK0M6ZxI2jgZExUdSRK5Hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6719234989db325e-GYE

 ~  curl -I https://whoami.*************.com/b.js
HTTP/2 404
date: Tue, 20 Jul 2021 03:35:12 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BFABzhwfmiFP2hLxLRqz7unsPhd7oYHHMpQ0Kl4zjXhL07pTsEJP1cxXAFl7cQapwjFSF4C0r2BSFx20AFFLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67192360ddad3262-GYE

In the origin server(pod) I only have one request from cloudflare, the first one.

2021-07-19T22:34:50-05:00 Now listening on: http://localhost:80
2021-07-19T22:34:50-05:00 Application started. Press CTRL+C to shut down.
2021-07-19T22:35:05-05:00 [INFO] 2021/07/20 03:35 FullRequestURI: http://whoami.*************.com/b.js

When I change the response code from 404 to 403 then cloudflare’s behavior is as expected.

curl -I https://whoami.*************.com/d.js
HTTP/2 403
date: Tue, 20 Jul 2021 04:28:21 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: BYPASS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXnNrki7EkvjaLgXMFNKVANE36RFPeBF9jBuLE4NrbBimHc0uXOtY03ukCRG%2F%2Fyx%2B5K7MtCxyk%2FxAGbLOSWpuIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6719713a8f05325e-GYE

I don’t know what header I should put in the origin so that Cloudflare doesn’t cache 404 responses. Please help