Enforce Https with cloud endpoints Framework v2











up vote
0
down vote

favorite












I am currently using cloud endpoints framework on an Appengine application.



Is it possible to enforce Https protocol for exposed endpoints?

Now, I am able to call my endpoints in https but also in http.

I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



As an example when I call the drive API on Http, I get the following message



{

"error": {

    "errors": [

        {

            "domain": "global",

            "reason": "sslRequired",

            "message": "SSL is required to perform this operation."

        }

    ],

    "code": 403,

    "message": "SSL is required to perform this operation."

}


}



I would like to have the same behavior with cloud endpoint framework.



Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
Did I misunderstand something?



Thx!






google-cloud-platform google-cloud-endpoints google-cloud-endpoints-v2







share|improve this question




























    up vote
    0
    down vote

    favorite












    I am currently using cloud endpoints framework on an Appengine application.



    Is it possible to enforce Https protocol for exposed endpoints?

    Now, I am able to call my endpoints in https but also in http.

    I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



    As an example when I call the drive API on Http, I get the following message



    {
    
"error": {
    
    "errors": [
    
        {
    
            "domain": "global",
    
            "reason": "sslRequired",
    
            "message": "SSL is required to perform this operation."
    
        }
    
    ],
    
    "code": 403,
    
    "message": "SSL is required to perform this operation."
    
}


    }



    I would like to have the same behavior with cloud endpoint framework.



    Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
    Did I misunderstand something?



    Thx!






    google-cloud-platform google-cloud-endpoints google-cloud-endpoints-v2







    share|improve this question


























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I am currently using cloud endpoints framework on an Appengine application.



      Is it possible to enforce Https protocol for exposed endpoints?

      Now, I am able to call my endpoints in https but also in http.

      I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



      As an example when I call the drive API on Http, I get the following message



      {
      
"error": {
      
    "errors": [
      
        {
      
            "domain": "global",
      
            "reason": "sslRequired",
      
            "message": "SSL is required to perform this operation."
      
        }
      
    ],
      
    "code": 403,
      
    "message": "SSL is required to perform this operation."
      
}


      }



      I would like to have the same behavior with cloud endpoint framework.



      Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
      Did I misunderstand something?



      Thx!






      google-cloud-platform google-cloud-endpoints google-cloud-endpoints-v2







      share|improve this question















      I am currently using cloud endpoints framework on an Appengine application.



      Is it possible to enforce Https protocol for exposed endpoints?

      Now, I am able to call my endpoints in https but also in http.

      I wonder if we can set a redirection to Https like we can in appengine with the "transport-guarantee" set to CONFIDENTIAL.



      As an example when I call the drive API on Http, I get the following message



      {
      
"error": {
      
    "errors": [
      
        {
      
            "domain": "global",
      
            "reason": "sslRequired",
      
            "message": "SSL is required to perform this operation."
      
        }
      
    ],
      
    "code": 403,
      
    "message": "SSL is required to perform this operation."
      
}


      }



      I would like to have the same behavior with cloud endpoint framework.



      Subsidiary questions I found no way to also set HTST on cloud endpoint framework whereas Google is promoting it.
      Did I misunderstand something?



      Thx!






      google-cloud-platform google-cloud-endpoints google-cloud-endpoints-v2




      google-cloud-platform google-cloud-endpoints google-cloud-endpoints-v2






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 9 at 12:59

























      asked Nov 9 at 10:55









      chaiyachaiya

      1,2841013




      1,2841013
























          1 Answer
          1






          active

          oldest

          votes

















          up vote
          1
          down vote



          accepted










          If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



          Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






          share|improve this answer





















            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53224370%2fenforce-https-with-cloud-endpoints-framework-v2%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            1
            down vote



            accepted










            If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



            Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






            share|improve this answer

























              up vote
              1
              down vote



              accepted










              If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



              Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






              share|improve this answer























                up vote
                1
                down vote



                accepted







                up vote
                1
                down vote



                accepted






                If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



                Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.






                share|improve this answer












                If you're using Endpoints Frameworks, that's just a code library for doing API policy enforcement (API keys, rate limiting, etc.), which means Endpoints is only involved after an HTTPS or HTTP connection has been established.



                Since you're running your API on App Engine, I'd recommend trying to make your AppEngine app HTTPS-only.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 9 at 20:31









                Andrew Gunsch

                761




                761






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.





                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                    Please pay close attention to the following guidance:


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53224370%2fenforce-https-with-cloud-endpoints-framework-v2%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    這個網誌中的熱門文章

                    Hercules Kyvelos

                    圖片
                    Hercules Kyvelos Statistics Real name Hercules Kyvelos Nickname(s) The God Weight(s) Middleweight Light Middleweight Welterweight Height 5 ft 10 in (180 cm) Reach 72 in (183 cm) Nationality Canadian Born ( 1975-02-25 ) February 25, 1975 (age 43) Montreal, Quebec Stance Orthodox Boxing record Total fights 27 Wins 24 Wins by KO 12 Losses 3 Draws 0 No contests 0 Hercules Kyvelos Medal record Men's Boxing Representing   Canada Pan American Games 1995 Mar del Plata Welterweight Hercules Kyvelos (born February 25, 1975) is a Greek-Canadian boxer in the Welterweight division and is the former Canadian Welterweight Champion. [1] He fought at the 1996 Summer Olympics in Atlanta, Georgia. Contents 1 Early life 2 Amateur career 3 Pro career 3.1 WBO Welterweight Championship 3.2 Personal life 4 References 5 External links Early life Hercules was born in
                    閱讀完整內容

                    Tangent Lines Diagram Along Smooth Curve

                    圖片
                    7 1 I am trying to replicate a diagram and have a minimal example. I don't know how to add additional tangents between the specified points and preserve smoothness. documentclass{article} usepackage{tikz} usetikzlibrary{calc,intersections} begin{document} begin{tikzpicture} % Axes draw [->, name path=x] (-1,0) -- (11,0) node [right] {$x$}; draw [->] (0,-1) -- (0,6) node [above] {$y$}; % Origin node at (0,0) [below left] {$0$}; % Points coordinate (start) at (1,-0.8); coordinate (c1) at (3,3); coordinate (c2) at (5.5,1.5); coordinate (c3) at (8,4); coordinate (end) at (10.5,-0.8); % show the points foreach n in {start,c1,c2,c3,end} fill [black] (n) circle (2pt) node [below] {}; % join the coordinates draw [thick,name path=curve] (start) to[out=70,in=180] (c1) to[out=0,in=180]
                    閱讀完整內容

                    Yusuf al-Mu'taman ibn Hud

                    圖片
                    Main article: Taifa of Zaragoza Al-Mu'taman Ruler of Zaragoza Reign 1081–1085 Predecessor Ahmad al-Muqtadir Successor Al-Mustain II Born Zaragoza Died 1085 Full name Yusuf ibn Ahmad al-Mu'taman ibn Hūd House Banu Hud Yusuf ibn Ahmad al-Mu'taman ibn Hūd (Arabic: المؤتمن بالله يوسف إبن أحمد إبن هود ‎, al-Mutaman bi l-Lah , died c. 1085) was the third king of the Banu Hud dynasty who ruled over the Taifa of Zaragoza from 1081 to 1085. Yusuf al-Mutaman reigned during the height of power of Muslim Zaragoza , following the thriving period of his father Ahmad al-Muqtadir. He continued his father's efforts and created around him a court of intellectuals, living in the beautiful palace of Aljafería, nicknamed as "the palace of joy". Al-Mu'taman was also a scholarly king and a patron of science, philosophy and arts. As an example of a wise king, he knew astrology, philosophy, and especially mathematics, a discipline in which
                    閱讀完整內容