Thanks for hint Ernesto, yes, that's exactly what we did, The issue has proven link to Google Page Speed service, as Bob discovered. When disabled in application console, the redirect works ok. When re-enabled, it fails again.
The issue is **observed** on production application with PageSpeed, **VIP SSL**, Google Apps domain authorization, Google Apps data set to store in **EU** Data Centers only. The issue is **not observed** on testing application with PageSpeed, **SNI SSL**, Google Apps domain authorization, without EU data location restriction. So, the SSL settings may also play role, as johnP noted. As a temporary workaround, we commented out *secure:always* for the site entry url's in *app.yaml*, and decorated their handler methods with https://gist.github.com/3974365. There's also stack overflow question on this topic, if you have similar issue, or look for solution. http://stackoverflow.com/questions/13064081/how-to-get-major-appengine-issues-fixed On Thursday, October 25, 2012 10:04:59 PM UTC+2, Ernesto Alejo Oltra wrote: > > Why don't you program the redirect manually in the meanwhile? It's easy to > manage the router to change http to https with only one handler (in fact I > do this to redirect my users from the X.appspot.com domain to the X.com > one) > > On Thursday, October 25, 2012 9:50:16 AM UTC+2, Jan Killian wrote: >> >> Hi fellow appengine developers, >> >> we have a major impact issue on an european bank application, which is >> their first Google Apps and Google Cloud experience. We'd need this to be >> addressed to keep the trust that Google can provide the service. Is there >> any option to get such a major issues fixed in a reasonable time? >> Preferably other than paying for a premier account, which is not needed for >> this pilot product at this time. >> >> The issue was already reported on appengine public issue tracker for over >> a month: http://code.google.com/p/googleappengine/issues/detail?id=7979 >> >> App Engine returns 403 on http://customdomain, instead of redirecting it >> to https, when secure:always is set in app.yaml. Authentication for the >> application is set to Google Apps domain, which may (or may not) play role >> in triggering the issue. >> >> http://appid.appspot.com redirects correctly to https://appid.appspot.com >> http://customdomain -> returns 403 >> https://customdomain -> works >> >> Thanks for a very good and beautifully designed service otherwise >> Jan >> > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/ByRPbfUEKc8J. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
