[google-appengine] Re: make GFE drop/abort/ignore http connection without reply & make GFE minimize response headers (reply size))

Hi! Indeed, I created 3 issues: https://issuetracker.google.com/19153287 2 https://issuetracker.google.com/191532873 https://issuetracker.google.com/19153287 4 issue-72 corresponds to my question 1 (and now c

[google-appengine] make GFE drop/abort/ignore http connection without reply & make GFE minimize response headers (reply size))

Hi! I will use these abbreviations: GFE: Google Frontend APP: my app engine app (java11 with jetty embedded web server) I try to make GFE *drop an http request*. I need this when I *rate limit* in my APP against bad actors (even if they are happen to be good, I choose service denial over *wallet

[google-appengine] Re: no response headers from Google Frontend (or not paying for them), denial of wallet attacks

Hi! Thanks for the reply. The incoming request headers are somewhat manipulated and you are right, for instance "X-Forwarded-For" is added and as a service to my app, it tells me the source request ip address. Then my app and my jetty web server handles the request. I remove all response headers

[google-appengine] no response headers from Google Frontend (or not paying for them), denial of wallet attacks

Hi, in LogsExplorer I see by a request (protoPayload): responseSize: "95" cost: 1.0617e-8 I guess it is byte and dollar, from: outgoing bandwidth cost of 0.12$/gb. This request has 0 content length and I tried to remove each and every response headers via Jetty. Still Google Frontend adds respo