Reputation: 31
How do I force a Python 3 Django application on AppEngine Flexible environment to always use https?
When using a custom domain with a Google generated security certificate, how do I get http requests to redirect to the https?
I tried setting the Django property SECURE_SSL_REDIRECT to True in settings, but that didn't work.
Edit: Yes, this question already exists, but the solution only works with Python2.
SOLUTION: For my purposes, the solution was simply to switch from the Appengine Flexible environment to the Appengine Standard environment. I solved my SSL issues with the following app.yaml.
runtime: python37
entrypoint: gunicorn -b :$PORT <django-project-name>.wsgi
handlers:
- url: /.*
secure: always
redirect_http_response_code: 301
script: auto
beta_settings:
cloud_sql_instances: "<project-id>:<region>:<cloud-sql-instance>"
Upvotes: 0
Views: 462
Answers (1)
Reputation: 31
After a bit of guess and check, I stumbled onto a solution.
Don't use the SECURE_SSL_REDIRECT Django setting. Instead, update your app.yaml to include secure:always, but also ensure that the entrypoint is set, url is set to /.*, and script is set to auto.
Despite Google documentation explicitly saying that the handlers section is deprecated, testing app deploys with and without the handlers section reveal that, as of today, GAE does reference the handlers section of the app.yaml.
Edit: Found this that clearly shows handlers in Python 3.7 app.yaml - https://cloud.google.com/appengine/docs/standard/python3/config/appref#handlers_element
app.yaml
runtime: python
env: flex
entrypoint: gunicorn -b :$PORT <projectid>.wsgi
handlers:
- url: /.*
secure: always
script: auto
beta_settings:
cloud_sql_instances: "<projectid>:<dbregion>:<dbinstance>"
runtime_config:
python_version: 3
After having more issues, despite the documentation saying handlers would work, I have switched to the Appengine Standard environment, and it is working perfectly.
runtime: python37
entrypoint: gunicorn -b :$PORT <django-project-name>.wsgi
handlers:
- url: /.*
secure: always
redirect_http_response_code: 301
script: auto
beta_settings:
cloud_sql_instances: "<project-id>:<region>:<cloud-sql-instance>"
Upvotes: 3
Related Questions
- Redirect http to https flask + appengine
- Permanently Redirect http to https on Google App Engine Flexible with Django
- How to enforce HTTPS traffic to Flexible Google App Engine with custom domain?
- How to force Google App Engine [python] to use SSL (https)?
- how to check the request is https in app engine python
- Django Project can't force Google Appengine to redirect to https
- How do I force all requests to use https on a custom domain in appengine?
- GAE dev_appserver.py over HTTPS
- Appengine using https instead of http
- Google app engine - How can i run the server as HTTPS for python?