0

I have set up a static one page site on Google App Engine - standard environment - api_version: go1.

If a naive user incorrectly types www in the URL, https://www.givebackourbusses.appspot.com they get a scary warning in Firefox:

'Did Not Connect: Potential Security Issue'

I will not be using a custom domain for this site and would prefer to keep things static by modifying the app.yaml file.

This is my current app.yaml file:

runtime: go
api_version: go1

handlers:

- url: /favicon\.ico
  static_files: static/favicon.ico
  upload: static/favicon\.ico

- url: /
  static_files: static/index.html
  upload: static/index.html
  secure: always

- url: /static
  static_dir: static
  secure: always

# Everything not caught by the above goes to the app's Go code.
- url: /.*
  script: _go_app
  secure: always

How do I modify the app.yaml file to direct a request for www.givebackourbusses.appspot.com to https://givebackourbusses.appspot.com?

GBOB
  • 1
  • 2
  • Without a custom domain to tell the Load Balancer how to redirect requests, the closest will be to redirect the requests from the inside of the App. Have you tried Have you tried https://stackoverflow.com/a/39631948/8889821 ?. Also, if you are going to serve static content, I recommend https://cloud.google.com/storage/docs/hosting-static-website – Nahuel Varela Aug 13 '19 at 08:12
  • Google does not issue SSL certificates for double-wildcard domains that are hosted at appspot.com. Therefore, HTTPS requests must use the string "-dot-" as the URL notation, instead of "." for separating subdomains. You can use the simple "." URL notation with your own custom domains and other HTTP addresses. For more information, https://cloud.google.com/appengine/docs/standard/go/how-requests-are-routed – K F Aug 13 '19 at 14:19

1 Answers1

0

App Engine default certificates covers *.appspot.com, but not ..appspot.com.

As such, accessing it with https://project.appspot.com/ works as expected, but https://www.project.appspot.com does not returns a warning.

The only workaround will be using a custom certificate.

Nahuel Varela
  • 1,022
  • 7
  • 17