Hello All, I would like to see a less interactive method for domain aliasing, allowing greater support for SaaS applications - whereby the application owner does not need to prove ownership over the domain that is being pointed to it.
My thoughts are that a domain name should simply have a CNAME referencing the application domain (or friendly domain alias), as this in itself will prove authority over that domain. The appengine platform could perform a CNAME lookup on the hostname provided in the header to understand what application it is to use to serve the requests. Obviously, this would be cached to prevent the need to lookup on each request. Optionally, to prevent unauthorised leeching, the application owner could make use of a domain whitelist which is checked post lookup to make sure that the domain is permitted to use that application (not unlike the existing functionality, but permissive rather than authoritative for the pointed domain). This would be trivially administered using an API. This will provide a zero administration approach to client domains, whilst providing all the requirements of fulfilling domain "ownership". I would anticipate this to be a trivial change to the way in which appengine works - simply the inclusion of a domain proxy of sorts in front of the app layer. What are your thoughts? Matt --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
