Instead of offering your file as static file (whose download you can't control) you could offer your file via url request from datastore and make registration and login obligatory or block any third request from the same IP.
Then a single attacker has got no chance, only a bot net would be effective and if you are attacked by a botnet you are lost anyway - could only take your app out of service, if there is too much download. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---