I use httplib.HTTPConnection within my app. Do I really need to provide host parameter in httplib.HTTPConnection constructor? If so, why? (I mean, I know that it's a mandatory parameter, but I wonder if I could specify None or empty string) And is there any global constant in Google AppEngine and in development server which I can use within my app in order to omit explicitly defined host.
If you leave it out of the constructor, how will the other methods know where to send their messages?
The address/name of the server you're connecting to is the parameter for the HTTPConnection, the URI on that server is what goes into request.
From the python documentation (which is the basis for AppEngine)
h1 = httplib.HTTPConnection(host[, port[, strict[, timeout[, source_address]]]])
h1.request(method, url[, body[, headers]])
[edit]
Remember, it may not always be you who is responsible for this code. Also, why complicate things by including so much more information in the URI when you're (for example) making calls to numerous URI's on the same website?
[/edit]
Related
Sorry if this might be a bit of a trivial question, but I wanna be sure and couldn't exactly find a definitive answer online.
I am writing a small app that uses Mapbox, and I am using react-map-gl for it. They require the access token on the client side, so they suggest using an environment variable. My question is would it be okay to simply create a .env file in the front-end folder and put the variable there?
Thanks!
You can't get away from revealing API keys on the front end. If someone wants to dig around in your source code, they will find them.
However, you should always configure any API key that is visible on the Internet to be restricted to specific referrers, i.e. the domain of your website.
Usually this is done during creation of an API key through your provider's dashboard.
For Mapbox, you can read the documentation on restricting API tokens here. It states:
You can make your access tokens for web maps more secure by adding URL restrictions. When you add a URL restriction to a token, that token will only work for requests that originate from the URLs you specify. Tokens without restrictions will work for requests originating from any URL.
(emphasis my own)
They require the access token on the client side, so they suggest using an environment variable. My question is would it be okay to simply create a .env file in the front-end folder and put the variable there?
There are two reasons one uses environment variables in front-end development:
As a convenience, to keep environment-specific configuration removed from source code.
To keep sensitive information out of source code. You shouldn't commit API tokens or other similarly sensitive details to your version control.
Using environment variables in front-end code will not to keep their values secret from the end user. Whatever the value of an environment variable is at build time will be visible in the compiled output.
I use google managed-VMs. My module has several instances. I need to perform a HTTP call on each of these instances. Hence, I would like to know if there is a way to specify the recipient instance in the URL.
For instance I tried: http://<instance-name>.<module-name>.<project-name>.appspot.com/ without success.
You're missing a <version-name> in there:
http://<instance-name>.<version-name>.<module-name>.<project-name>.appspot.com
See https://cloud.google.com/appengine/docs/python/modules/#Python_Application_hierarchy for more details (this is the page for Python, but it applies across-the-board.
Since Google AppEngine 1.8.5 there is a new warning in the development environment:
WARNING 2013-09-27 10:10:53,035 api_config.py:1768] Method specifies path
parameters but you are not using a ResourceContainer. This will fail in future
releases; please switch to using ResourceContainer as soon as possible.
What are ResourceContainers and how to use them?
They recently updated the docs to explain this change here: Google App Engine Docs
Basically what you want to do is to separate the request body and the query/path parameters.
The request body will be a normal messages.Message class and you define any additional parameters in the ResourceContainer.
YOUR_RESOURCE_CONTAINER = endpoints.ResourceContainer(
MyRequestBodyMessagesClass,
parameter1=messages.IntegerField(2, required=True)
parameter2=messages.StringField(3))
This change should help to minimize the amount of necessary Message classes because you can mostly reuse the RequestBody-Message for Response-Messages as well.
Note: if you are using the endpoints-proto-datastore there's an open issue about this.
I'd like to know, in a particular request, what the pending_ms value is (assuming it exists for the given request).
I know that the App Engine logs include this value, but I'm hoping to find it elsewhere for use in gae_mini_profiler.
I've searched around the App Engine source, but no luck -- this is being added elsewhere in the GAE pipeline.
There's not currently any way to access this programmatically, either from within the request or outside it. Please do file a feature request for it, though.
I actually asked this question before, but I cannot get my account details back, so I'm asking again:
I have a series of different domain names that I would like to all point (via URL forwarding from my domain host) to a google app engine application that reads what the forwarding URL is. So if the domain typed in was original XYZ.com, then when I am forwarded to my application, I can return what that original domain name was. I'm using the python variant. How best can I do this without coding for each and every variant?
So for example I might have aaa.com and bbb.com and ccc.com that all should point to the same appspotdomain, and I wish to somehow determine what the referring URL was. I have thousands of domains and I have URL forwarding set-up. So unless I put something in the header is there a smart way to pull out the referring URL. I have tried the os.environ["SERVER_NAME"] route but this just gives the app-engine domain.
Try
os.environ['HTTP_REFERER']
or
self.request.headers['Referer']
Be careful though, it might not always be available.