如何强制 Google App Engine [python] 使用 SSL (https)?
How to force Google App Engine [python] to use SSL (https)?
我使用 Python 在 Google App Engine 上编写了一个网络应用程序。
用户可以通过 http://[youraccount].appspot.com 和 https://[ 访问我的网站你的帐户].appspot.com
如何将 http 流量重定向到 https 站点。
换句话说,我如何强制此站点使用 SSL(https) 以实现 安全性 目的(以及更好的 SEO )?
只需在 app.yaml 文件中添加一个 secure 参数即可。
handlers:
- url: /youraccount/.*
script: accounts.py
login: required
secure: always
见Configuring Secure URLs in app.yaml
Google App Engine supports secure connections via HTTPS for URLs using
the *.appspot.com domain. When a request accesses a URL using HTTPS,
and that URL is configured to use HTTPS in the app.yaml file, both the
request data and the response data are encrypted by the sender before
they are transmitted, and decrypted by the recipient after they are
received. Secure connections are useful for protecting customer data,
such as contact information, passwords, and private messages.
对于 Google App Engine 上 Flexible 环境中的 Django 项目 运行,在 app.yaml 中设置 secure: always 不会没工作 [Google Cloud docs]。
相反,在我的 settings.py 文件中,我添加了以下 [Django docs]:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_SSL_REDIRECT = True
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
请注意,SECURE_PROXY_SSL_HEADER 是必需的,因为服务器位于负载平衡器后面。
我使用 Python 在 Google App Engine 上编写了一个网络应用程序。
用户可以通过 http://[youraccount].appspot.com 和 https://[ 访问我的网站你的帐户].appspot.com
如何将 http 流量重定向到 https 站点。
换句话说,我如何强制此站点使用 SSL(https) 以实现 安全性 目的(以及更好的 SEO )?
只需在 app.yaml 文件中添加一个 secure 参数即可。
handlers:
- url: /youraccount/.*
script: accounts.py
login: required
secure: always
见Configuring Secure URLs in app.yaml
Google App Engine supports secure connections via HTTPS for URLs using the
*.appspot.comdomain. When a request accesses a URL using HTTPS, and that URL is configured to use HTTPS in the app.yaml file, both the request data and the response data are encrypted by the sender before they are transmitted, and decrypted by the recipient after they are received. Secure connections are useful for protecting customer data, such as contact information, passwords, and private messages.
对于 Google App Engine 上 Flexible 环境中的 Django 项目 运行,在 app.yaml 中设置 secure: always 不会没工作 [Google Cloud docs]。
相反,在我的 settings.py 文件中,我添加了以下 [Django docs]:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_SSL_REDIRECT = True
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
请注意,SECURE_PROXY_SSL_HEADER 是必需的,因为服务器位于负载平衡器后面。