Menu
I'm trying to implement some Google APIs in my Flask/Google App Engine web app.
I'm currently stuck on the authentication part as oauth2 redirect URI requires the connection to be secure and I cannot do that with Flask since it's the GAE environment that starts my flask app and I cannot do as suggested from the Flask documentation here
Do you know how to enforce HTTPS on a Flask application ran by Google App Engine?
618
In addition to Justin's answer which works well for app engine apps on the flexible runtime, it might be 'simpler' to just use the secure option or attribute on your url handler in your app.yaml file since you're running in standard.
For example:
- url: .*
script: main.app # the flask app handling requests
secure: always
This will force all requests to use https on the appspot domain.
Note that if you decide to add a custom domain later, you'll need to provide valid https certificates yourself to handle https properly
141
You need to use a library that forces redirects based on the x-forwarded-proto header. Take a look at this:
https://github.com/GoogleCloudPlatform/flask-talisman
28
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
