You can conditionally set request.requires_https() depending on whether the
request comes from a GAE Task Queue. Apparently, Task Queue requests will
include HTTP headers as noted here: https://stackoverflow.com/a/14838696.
So, you can do something like:
if 'HTTP_X_APPENGINE_TASKNAME' not in request.env:
request.requires_https()
Note, any client can send those headers, so if you are worried about
someone spoofing such a request and then getting an HTTP connection, you
might instead be able to detect Task Queue requests by IP address.
According to the docs, Task Queue requests come from IP address 0.1.0.2
<https://cloud.google.com/appengine/docs/standard/python/taskqueue/push/creating-handlers#writing_a_push_task_request_handler>.
So, the code would be:
if request.env.remote_addr != '0.1.0.2':
request.requires_https()
Anthony
On Sunday, September 17, 2017 at 2:10:27 PM UTC-4, Robert Porter wrote:
>
> If I use Google's taskqueue.add(), it keeps giving me a 303 error over and
> over in the logs because it tries to use the HTTP version of the page the
> POST is sent to, but I have request.requires_https() in my db.py. I can't
> find a way for taskqueue to attempt an HTTPS connection.
>
> Removing request.requires_https() solves the issue, but isn't quite ideal.
>
> Anyone know a way around this?
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
