Funny, I've been dealing with the same issue this week. We have a customer who is on their corporate network, and they cannot access our static resources if they use https://(projectid).
appspot.com. If they use HTTP, or our domain alias (
https://www.bluecore.com/) it works. I haven't been able to track down the cause, but there are minor certificate, DNS and IP differences between *.
appspot.com and
ghs.googlehosted.com.
This is a long winded way of saying: I've run into similar issues, I don't know how to fix them, but try plain HTTP or a domain alias as potential workarounds. Good luck, and if you figure out anything, please let me know.