阻止来自* .appspot.com的请求并在Google App Engine中强制自定义域名 [英] Block requests from *.appspot.com and force custom domain in Google App Engine

问题描述

如何防止用户通过example.appspot.com访问我的应用并强制他们在example.com上访问它？我已经有了example.com的工作，但我不希望用户能够访问appspot域。我使用python。

解决方案

您可以检查 os.environ ['HTTP_HOST']。 endswith（'。appspot.com'） - 如果是这样，那么您从 something.appspot.com 提供服务，并且可以发送重定向，或根据需要改变您的行为。

您可以在任何各种应用程序中部署此检查和重定向（如果需要）（或您选择的其他行为变更）方式（装饰器，WSGI中间件，继承自您的子类 webapp.RequestHandler [[或任何其他您正在使用的其他基本处理程序类]]的中间基类]和方法名称不同于在应用程序级处理程序类中获取和发布的名称，还有其他名称），但我认为这里的关键想法是 os.environ 由应用程序引擎设置框架根据CGI标准，所以你可以依赖这些标准（类似的，WSGI根据它从os.enviro获得的值建立自己的环境n）。

How can I prevent a user from accessing my app at example.appspot.com and force them to access it at example.com? I already have example.com working, but I don't want users to be able to access the appspot domain. I'm using python.

解决方案

You can check if os.environ['HTTP_HOST'].endswith('.appspot.com') -- if so, then you're serving from something.appspot.com and can send a redirect, or otherwise alter your behavior as desired.

You could deploy this check-and-redirect-if-needed (or other behavior alteration of your choice) in any of various ways (decorators, WSGI middleware, inheritance from an intermediate base class of yours that subclasses webapp.RequestHandler [[or whatever other base handler class you're currently using]] and method names different than get and post in your application-level handler classes, and others yet) but I think that the key idea here is that os.environ is set by the app engine framework according to CGI standards and so you can rely on those standards (similarly WSGI builds its own environment based on the values it picks up from os.environ).

这篇关于阻止来自* .appspot.com的请求并在Google App Engine中强制自定义域名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！