user291701

Reputation: 39731

URL fetch service - is https secure or not?

I'd like to use the URL fetch service for app engine (java). I'm just sending a POST to one of my own servers from a servlet.

AppEngine -> post-to: https://www.myotherserver.com/scripts/log.php

I'm reading the url fetch doc:

Secure Connections and HTTPS
An app can fetch a URL with the HTTPS method to connect to secure servers. Request and response data are transmitted over the network in encrypted form.

The proxy the URL Fetch service uses cannot authenticate the host it is contacting. Because there is no certificate trust chain, the proxy accepts all certificates, including self-signed certificates. The proxy server cannot detect "man in the middle" attacks between App Engine and the remote host when using HTTPS.

I don't understand - the first paragraph makes it sound like everything that goes from the servlet on app engine, to my php script is going to be secure if I use https. The second paragraph makes it sound like the opposite, that it won't actually be secure. Which is it?

Thanks

Upvotes: 2

Views: 1183

Answers (2)

systempuntoout

Reputation: 74134

The UrlFetch through https has been fixed allowing certificate server validation.

validate_certificate
A value of True instructs the application to send a request to the server only if the certificate is valid and signed by a trusted CA, and also includes a hostname that matches the certificate. A value of False instructs the application to perform no certificate validation. A value of None defaults to the underlying implementation of URL Fetch. The underlying implementation currently defaults to False, but will default to True in the near future.

Upvotes: 1

Peter Recore

Reputation: 14197

There are two things HTTPS does for you. One is to encrypt your data so that as it travels over the internet, through various routers and switches, no one can peek at it. The second thing HTTPS does is authenticate that you are actually talking to a certain server. This is the part App Engine can't do. If you were trying to connect to www.myotherserver.com, it is possible that some bad guy named bob could intercept your connection, and pretend to be www.myotherserver.com. Everything you sent to bob would be encrypted on its way to bob, but bob himself would be able to get the unencrypted data.

In your case, it sounds like you control both the sending server and the destination server, so you could encrypt your data with a shared secret to protect against this possibility.

Upvotes: 2
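The shared-secret approach from the answer above, sketched as an added example that is not part of the original answer or of App Engine's API. It assumes Java 8+, a 256-bit key provisioned out of band on both servers, and AES-GCM as the cipher (the answer names no algorithm); the class name, method names and sample payload are hypothetical.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class SharedSecretEnvelope {
    private static final int NONCE_LEN = 12;  // bytes, the standard GCM nonce size
    private static final int TAG_BITS = 128;  // authentication tag length
    private static final SecureRandom RNG = new SecureRandom();

    /** Sender side (the servlet): returns base64(nonce || ciphertext || tag). */
    static String seal(byte[] key, String plaintext) throws Exception {
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce);                 // fresh nonce per message, never reused with the same key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(TAG_BITS, nonce));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(nonce, NONCE_LEN + ct.length);
        System.arraycopy(ct, 0, out, NONCE_LEN, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    /** Receiver side: throws AEADBadTagException if the body was altered or sealed under another key. */
    static String open(byte[] key, String envelope) throws Exception {
        byte[] in = Base64.getDecoder().decode(envelope);
        if (in.length < NONCE_LEN + TAG_BITS / 8) throw new IllegalArgumentException("envelope too short");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(TAG_BITS, in, 0, NONCE_LEN));
        return new String(c.doFinal(in, NONCE_LEN, in.length - NONCE_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[32];            // constructed demo key; the real one is provisioned out of band
        RNG.nextBytes(key);
        String body = seal(key, "event=login&user=42");  // constructed sample payload
        System.out.println("POST body: " + body);
        System.out.println("receiver sees: " + open(key, body));

        byte[] otherKey = new byte[32];       // a party on the path that lacks the shared key
        RNG.nextBytes(otherKey);
        try {
            open(otherKey, body);
        } catch (AEADBadTagException e) {
            System.out.println("wrong key rejected: payload can be neither read nor forged");
        }
    }
}
```

The envelope gives confidentiality and integrity only: a captured body can still be replayed unless the payload carries a timestamp or counter that the receiver checks.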
