1

My application is deployed in Google AppEngine and my DNS is in GoDaddy.

My app.yaml is like such:

handlers:
  - url: /.*
    http_headers:
      X-Forwarded-Proto: https
    script: auto
    secure: always
    redirect_http_response_code: 301
  - url: /
    http_headers:
      X-Forwarded-Proto: https
    static_files: build/index.html
    secure: always
    redirect_http_response_code: 301
    upload: build/index.html
  - url: /(.*)$
    http_headers:
      X-Forwarded-Proto: https
    static_files: build/\1
    secure: always
    redirect_http_response_code: 301
    upload: build/(.*)

But when I test out my app url

https://[project-id].appspot.com shows a secure site but http://[project-id].appspot.com does NOT

How do I have http redirect to https? Do I have the right changes in app.yaml. Or is there something to be done from the GoDaddy DNS side?

Also, when I type in my domain into the url e.g. https://[domain].com it goes to secure site, but then I type http://[domain].com it got to 'Not Secure' site

Dave M
  • 4,494
  • 21
  • 30
  • 30
Sonal
  • 11
  • 1
  • As I see it, the app.yaml looks correct to me. Can you provide the code that is returned when you request your webpage? What I would do in order to troubleshoot this issue is reduce the app.yaml to the minimum required parameters (`url`, `secure`) and add the other parameters one by one in order to identify which one is causing the issue. Forget about GoDaddy while testing this, it shouldn't matter. – Ajordat Apr 06 '20 at 14:42
  • Request URL: http://[project-id].appspot.com/ Request Method: GET Status Code: 304 Not Modified Referrer Policy: no-referrer-when-downgrade – Sonal Apr 07 '20 at 22:13
  • 304 is getting returned. Above is the output on the Developer console -> 'Network' tab. I know I should ideally see a 301 if the redirect happens. – Sonal Apr 07 '20 at 22:17
  • Btw, this is a appengine flex environment. Does that matter? Read somewhere that the secure flag does not work in appengine flex. – Sonal Apr 08 '20 at 03:41
  • Ended up making it work with approach in https://stackoverflow.com/questions/59815702/how-to-force-https-for-a-react-app-deployed-on-google-app-engine-node-js-flex-en. – Sonal Apr 13 '20 at 21:33

1 Answers1

1

Looking at the documentation there are two references to the app.yaml file, one for each environment: standard and flex. It seems that the secure keyword only appears on the standard environment, it just doesn't exist on flex.

There are two workarounds to this issue. The first one is changing to the standard environment. If that doesn't suit your needs then you should implement the redirection yourself from your application's code. This is not complicated, but I reckon it's extra work.

Ajordat
  • 135
  • 5
  • Can you please point me to sample code on how to do the redirect in the code for a basic react app please, if I choose to go with flex i.e.? Thanks. – Sonal Apr 08 '20 at 18:36
  • @Sonal Javascript is not one of my strengths, but in [this answer](https://stackoverflow.com/a/7458587/10810527) you can see how to redirect an http request to https with Node. Basically, what you have to do is create a server listening to http and then just return the 301 code redirecting to the https website. I have also found [this library](https://www.npmjs.com/package/react-https-redirect) that performs the redirection from React, but you should opt for the first solution. – Ajordat Apr 09 '20 at 07:30
  • Thanks for that. So two ways to go about it: 1. Https redirect in code. I am following this too but getting stuck at how to deploy it as a server proxying for an app - https://stackoverflow.com/questions/59815702/how-to-force-https-for-a-react-app-deployed-on-google-app-engine-node-js-flex-en. 2. I'll try the library too. – Sonal Apr 09 '20 at 14:36
  • @Sonal If you need more help regarding the original question, edit it and I'll update my answer (give me a heads up). Otherwise, if you have something else to ask, it may be worth to accept the answer and open a new question. – Ajordat Apr 10 '20 at 07:18