Re: [google-appengine] App Accessible via HTTPS but not HTTP

[Jeff Schnitzer]

If you figure out how to cause this "bug", please let the rest of us know ;-)

Jeff

On Mon, Jun 18, 2012 at 10:41 AM, emmett9001 <emm...@parsely.com> wrote:
> I have an appengine app that uses Amazon Route53 as its nameserver. I've
> used Route53 to create a CNAME record of "ghs.google.com" for the desired
> subdomain. I've also used the google cpanel to link the subdomain to the
> app. Currently, the app is accessible at https://subdomain.domain.com but
> not http://subdomain.domain.com - that is, it's accessible over HTTPS but
> not HTTP. Is there some misconfiguration in either Route53, Appengine, or
> the Google Apps control panel that might be causing this issue? Thanks for
> any help and insight.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google App Engine" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/google-appengine/-/OeZzfwSVq-UJ.
> To post to this group, send email to google-a...@googlegroups.com.
> To unsubscribe from this group, send email to
> google-appengi...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/google-appengine?hl=en.

[Hamilton Carter]

Hi,

I believe you can cause this to happen in your app.yaml file.  If you have something like:

url: .*

  script: main.py

  secure: always

it might 'force' all accesses through https.

Best Regards,

Hamilton

[Jeff Schnitzer]

Yes, but - unless someone has rolled out a wonderful new feature
silently - you cannot make https requests to ghs.google.com. The
"secure" setting only works on *.appspot.com.

Jeff

> --
> You received this message because you are subscribed to the Google Groups
> "Google App Engine" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/google-appengine/-/Jlcu0ZEO9UcJ.

[Emanuele Ziglioli]

Hi Jeff,

https has started working for us last week on a custom domain, although with a certificate error.

I had request to be included in the trial but had not notification of that.

Previously I had had some success doing secure authentication with json-rpc and Cors:

https://groups.google.com/forum/?fromgroups#!topic/vosao-cms-development/cybFCgCvYt0

Support from browsers for Cors and cookies is spotty at this point in time but it almost works.

Basically I've implemented a servlet filter on a subpath and secured that with https. When I receive requests on that subdomain, I strip the /secure/ prefix and I redirect that request internally.

There's a useful Cors filter here: http://software.dzhuvinov.com/cors-filter.html

Emanuele 

> To post to this group, send email to google-appengine@googlegroups.com.

> To unsubscribe from this group, send email to

> google-appengine+unsubscribe@googlegroups.com.

[Cayden Meyer]

Hi Emanuele, 

Can you explain what you mean by this statement from your previous post? 

https has started working for us last week on a custom domain, although with a certificate error.
I had request to be included in the trial but had not notification of that. 

Thanks,

Cayden Meyer
Product Manager, Google App Engine

To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/FOyZue1PMvwJ.

To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.

[Emanuele Ziglioli]

On Monday, 25 June 2012 12:15:08 UTC+12, Cayden Meyer wrote:

Hi Emanuele, 

Can you explain what you mean by this statement from your previous post? 

https has started working for us last week on a custom domain, although with a certificate error.

I've noticed that https://www.ourdomain.com is now working.

Browsers warn us that the certificate is issued by google.com and not by ourdomain.com. So if accept that exception and go on it works fine. Please don't take it away...

 

I had request to be included in the trial but had not notification of that. 

Sorry about my English :-) 

I had submitted a request to be added to the https trial but have never received an invitation.  

 

[johnP]

I was assuming that this would be the 'big announcement' at the IO conference.  I guess you confirmed it :)

[Emanuele Ziglioli]

Well, https has suddenly stopped working.

That's classy

On Monday, 25 June 2012 12:15:08 UTC+12, Cayden Meyer wrote:

[Emanuele Ziglioli]

...should have kept my bloody mouth shut, that'll teach me, ay