Databases
StackOverflow2013
Postsdbo
PORestrict view to only be accessible by App Engine internal network
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PORestrict view to only be accessible by App Engine internal network
    text
    copied!<p>I would like to find a way to restrict a view (request handler) to only be called from within the Google App Engine internal network from within my view and not within app.yaml.</p> <p>For example, I have a view to handle inbound email within my Flask application</p> <pre><code>@app.route('/_ah/mail/notifications@example.appspotmail.com', methods=['POST']) def inbound_notification_email(): from google.appengine.api import mail message = mail.InboundEmailMessage(request.data) ... return '' # 200 OK </code></pre> <p>While I know I could put all my mail handlers in their own file / wsgi instance like so:</p> <pre><code>handlers: - url: /_ah/mail/.+ script: inbound_mail.app login: admin </code></pre> <p>I would prefer not to have to do this as I'm using Flask instead of Webapp. Right now the request works as setup above, but it is exposed to the world.</p> <p>Inspecting the request to my <code>inbound_notification_email()</code> view, I see <code>X-App-Country</code> in the request header is set to <code>ZZ</code> and the request's remote address is <code>0.1.0.20</code>. I know the 0.x.x.x IP range is IANA reserved for local networks so it seems logical that checking if request.remote_address starts with "0." would work, but I'm not sure if all internal requests within App Engine are always handled this way (push queues and xmpp come to mind).</p> <p>One thing I was surprised to see was <code>users.is_current_user_admin()</code> returns False within <code>inbound_notification_mail()</code> even though you're to set <code>login: admin</code> when using Webapp.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload