- Requests and domains
- Requests and HTTP
- Request headers
- Responses
- The request timer
- SPDY
- Logging
- The environment
- Quotas and limits
Requests and domains
App Engine determines that an incoming request is intended for your application using the domain name of the request. A request whose domain name is http://your_app_id.appspot.com is routed to the application whose ID is your_app_id. Every application gets an appspot.com domain name for free.
appspot.com domains also support subdomains of the form subdomain-dot-your_app_id.appspot.com, where subdomain can be any string allowed in one part of a domain
name (not .). Requests sent to any subdomain in this way are routed to your application.
You can set up a custom top-level domain using Google Apps. With Google Apps, you assign subdomains of your business's domain to various applications, such as Google Mail or Sites. You can also associate an App Engine application with a subdomain. For convenience, you can set up a Google Apps domain when you register your application ID, or later from the Administrator Console. See Deploying your Application on your Google Apps URL for more information.
Requests for these URLs all go to the version of your application that you have selected as the default version in the Administration Console. Each version of your application also has its own URL, so you can deploy and test a new version before making it the default version. The version-specific URL uses the version identifier from your app's configuration file in addition to the appspot.com domain name, in this pattern: http://version_id-dot-latest-dot-your_app_id.appspot.com You can also use subdomains with the version-specific URL: http://subdomain-dot-version_id-dot-latest-dot-your_app_id.appspot.com
The domain name used for the request is included in the request data passed to the application. If you want your app to respond differently depending on the domain name used to access it (such as to restrict access to certain domains, or redirect to an official domain), you can check the request data (such as the Host request header) for the domain from within the application code and respond accordingly.
If your app uses backends, you can address requests to a specific backend and a specific instance with that backend. For more information about backend addressability, please see Properties of Backends.
Note: After April 2013 Google does not issue SSL certificates for
double-wildcard domains hosted at appspot.com (i.e. *.*.appspot.com). If
you rely on such URLs for HTTPS access to your application, change any application logic to
use "-dot-" instead of ".". For example, to access version v1 of application myapp use
https://v1-dot-myapp.appspot.com. The certificate will not match if you use
https://v1.myapp.appspot.com, and an error occurs for any
User-Agent that expects the URL and certificate to match exactly.
Requests and HTTP
The Go runtime for App Engine uses the standard http
package as an interface between your Go
program and the App Engine servers. When App Engine receives a web request for
your application, it invokes the
http.Handler associated with the
request URL. (The URL must also be specified as a Go handler in the
application's app.yaml configuration file.)
App Engine runs multiple instances of your application, each instance has its own web server for handling requests. Any request can be routed to any instance, so consecutive requests from the same user are not necessarily sent to the same instance. An instance can handle multiple requests concurrently. The number of instances can be adjusted automatically as traffic changes.
The following example is a complete Go app that outputs a hard-coded HTML string to the user.
package hello
import (
"fmt"
"net/http"
)
func init() {
http.HandleFunc("/", hello)
}
func hello(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "<h1>Hello, world</h1>")
}
Request headers
An incoming HTTP request includes the HTTP headers sent by the client. For security purposes, some headers are sanitized or amended by intermediate proxies before they reach the application.
The following headers are removed from the request:
Accept-EncodingConnectionKeep-AliveProxy-AuthorizationTETrailerTransfer-Encoding
In addition, the header Strict-Transport-Security is removed from requests served to any domains other than appspot.com or *.appspot.com.
These headers relate to the transfer of the HTTP data between the client and server, and are transparent to the application. For example, the server may automatically send a gzipped response, depending on the value of the Accept-Encoding request header. The application itself does not need to know which content encodings the client can accept.
App Engine specific headers
As a service to the app, App Engine adds the following headers to all requests:
X-AppEngine-Country
- Country from which the request originated, as an ISO 3166-1 alpha-2 country code. App Engine determines this code from the client's IP address.
X-AppEngine-Region
- Name of region from which the request originated. This value only makes sense in the context of the country in
X-AppEngine-Country. For example, if the country is "US" and the region is "ca", that "ca" means "California", not Canada. The complete list of valid region values is found in the ISO-3166-2 standard.
X-AppEngine-City
- Name of the city from which the request originated. For example, a request from the city of Mountain View might have the header value
mountain view. There is no canonical list of valid values for this header.
X-AppEngine-CityLatLong
- Latitude and longitude of the city from which the request originated. This string might look like "37.386051,-122.083851" for a request from Mountain View.
App Engine services may add additional request headers:
The Task Queue service adds additional headers to requests from that provide details about the task in the request, and the queue it is associated with.
Requests from the Cron Service will also contain a HTTP header:
X-AppEngine-Cron: true
See Securing URLs for cron for more details.
Requests coming from other App Engine applications will include a header identifying the app making the request:
X-Appengine-Inbound-Appid
See the App Identity documentation for more details.
Responses
App Engine calls the handler with a Request and a ResponseWriter, then waits for the handler to write to the ResponseWriter and return. When the handler returns, the data in the ResponseWriter's internal buffer is sent to the user.
This is practically the same as when writing normal Go programs that use the http package.
As explained below, there are limits that apply to the response you generate, and the response may be modified before it is returned to the client.
Response size limits
Dynamic responses are limited to 32MB. If a script handler generates a response larger than this limit, the server sends back an empty response with a 500 Internal Server Error status code. This limitation does not apply to responses that serve data from the Blobstore or Google Cloud Storage .
Streaming Responses
App Engine does not support streaming responses where data is sent in incremental chunks to the client while a request is being processed. All data from your code is collected as described above and sent as a single HTTP response.
Response compression
If the client sends HTTP headers with the original request indicating that the client can accept compressed (gzipped) content, App Engine compresses the handler response data automatically and attaches the appropriate response headers. It uses both the Accept-Encoding and User-Agent request headers to determine if the client can reliably receive compressed responses.
Custom clients can indicate that they are able to receive compressed responses by specifying both Accept-Encoding and User-Agent headers with a value of gzip. The Content-Type of the response is also used to determine whether compression is appropriate; in general, text-based content types are compressed, whereas binary content types are not.
When responses are compressed automatically by App Engine, the Content-Encoding header is added to the response.
Headers removed
The following headers are ignored and removed from the response:
ConnectionContent-Encoding*Content-LengthDateKeep-AliveProxy-AuthenticateServerTrailerTransfer-EncodingUpgrade
* May be re-added if the response is compressed by App Engine.
In addition, the header Strict-Transport-Security is removed from responses served from any domains other than *.appspot.com.
Headers with non-ASCII characters in either the name or value are also removed.
Headers added or replaced
The following headers are added or replaced in the response:
Cache-Control, Expires and Vary
-
These headers specify caching policy to intermediate web proxies (such as Internet Service Providers) and browsers. If your script sets these headers, they will usually be unmodified, unless the response has a Set-Cookie header, or is generated for a user who is signed in using an administrator account. Static handlers will set these headers as directed by the configuration file. If you do not specify a
Cache-Control, the server may set it toprivate, and add aVary: Accept-Encodingheader.If you have a Set-Cookie response header, the
Cache-Controlheader will be set toprivate(if it is not already more restrictive) and theExpiresheader will be set to the current date (if it is not already in the past). Generally, this will allow browsers to cache the response, but not intermediate proxy servers. This is for security reasons, since if the response was cached publicly, another user could subsequently request the same resource, and retrieve the first user's cookie.
Content-Encoding
- Depending upon the request headers and response
Content-Type, the server may automatically compress the response body, as described above. In this case, it adds aContent-Encoding: gzipheader to indicate that the body is compressed. See the section on response compression for more detail.
Content-Length or Transfer-Encoding
- The server always ignores the
Content-Lengthheader returned by the application. It will either setContent-Lengthto the length of the body (after compression, if compression is applied), or deleteContent-Length, and use chunked transfer encoding (adding aTransfer-Encoding: chunkedheader).
Content-Type
-
If you do not explicitly set this header, the
http.ResponseWriterclass detects the content type from the start of the response body, and sets theContent-Typeheader accordingly.
Date
- Set to the current date and time.
Server
- Set to
Google Frontend. The development server sets this toDevelopment/x, where x is the version number.
If you access your site while signed in using an administrator account, App Engine includes per-request statistics in the response headers:
X-AppEngine-Estimated-CPM-US-Dollars
- An estimate of what 1,000 requests similar to this request would cost in US dollars.
X-AppEngine-Resource-Usage
- The resources used by the request, including server-side time as a number of milliseconds.
Responses with resource usage statistics will be made uncacheable.
If the X-AppEngine-BlobKey header is in the application's response, it and the optional X-AppEngine-BlobRange header will be used to replace the body with all or part of a blobstore blob's content. If Content-Type is not specified by the application, it will be set to the blob's MIME type. If a range is requested, the response status will be changed to 206 Partial Content, and a Content-Range header will be added. The X-AppEngine-BlobKey and X-AppEngine-BlobRange headers will be removed from the response. You do not normally need to set these headers yourself, as the blobstore_handlers.BlobstoreDownloadHandler class sets them. See Serving a Blob for details.
Response headers set in the application configuration
Custom HTTP Response headers can be set per URL for dynamic and static paths in your application's configuration file. See the http_headers sections in the configuration documentation for more details.
The request timer
A request handler has a limited amount of time to generate and return a response to a request, typically around 60 seconds. Once the deadline has been reached, the request handler is interrupted.
When a Go request handler exceeds the deadline, its process is terminated and the runtime environment returns an HTTP 500 Internal Server Error to the client.
While a request can take as long as 60 seconds to respond, App Engine is optimized for applications with short-lived requests, typically those that take a few hundred milliseconds. An efficient app responds quickly for the majority of requests. An app that doesn't will not scale well with App Engine's infrastructure.
Refer to Dealing with DeadlineExceededErrors for common DeadlineExceededError causes and suggested workarounds.
Backends allow you to avoid this request timer; with backends, there is no time limit for generating and returning a request.
SPDY
App Engine applications will automatically use the SPDY protocol when accessed over SSL by a browser that supports SPDY. This is a replacement for HTTP designed by Google and intended to reduce the latency of web page downloads. The use of SPDY should be entirely transparent to both applications and users (applications can be written as if normal HTTP was being used). For more information, see the SPDY project page.
Logging
The Context methods Debugf,
Infof, Warningf, Errorf, and Criticalf print messages into your application's logs.
You can view and analyze logs in the
Administration Console, and download logs
using appcfg.py
request_logs.
The following example demonstrates an HTTP handler that constructs an appengine.Context from the *http.Request and logs the requested URL.
package hello
import (
"appengine"
"net/http"
)
func init() {
http.HandleFunc("/", Logger)
}
func Logger(w http.ResponseWriter, r *http.Request) {
c := appengine.NewContext(r)
c.Infof("Requested URL: %v", r.URL)
}
The environment
The Go runtime provides access to environment information through the appengine.Context interface. See the appengine package reference for details.
Quotas and limits
Google App Engine automatically allocates resources to your application as traffic increases. However, this is bound by the following restrictions:
- App Engine reserves automatic scaling capacity for applications with low latency, where the application responds to requests in less than one second. Applications with very high latency (over one second per request for many requests) and high throughput require Silver, Gold, or Platinum support. Customers with this level of support can request higher throughput limits by contacting their support representative.
- Applications that are heavily CPU-bound may also incur some additional latency in order to efficiently share resources with other applications on the same servers. Requests for static files are exempt from these latency limits.
Each incoming request to the application counts toward the Requests limit. Data sent in response to a request counts toward the Outgoing Bandwidth (billable) limit.
Both HTTP and HTTPS (secure) requests count toward the Requests, Incoming Bandwidth (billable), and Outgoing Bandwidth (billable) limits. The Quota Details page of the Admin Console also reports Secure Requests, Secure Incoming Bandwidth, and Secure Outgoing Bandwidth as separate values for informational purposes. Only HTTPS requests count toward these values. See the Quotas page, and the "Quota Details" section of the Admin Console for more information.
In addition to system-wide safety limits, the following limits apply specifically to the use of request handlers:
| Limit | Amount |
|---|---|
| request size | 32 megabytes |
| response size | 32 megabytes |
| request duration | 60 seconds |
| maximum total number of files (app files and static files) | 10,000 total 1,000 per directory |
| maximum size of an application file | 32 megabytes |
| maximum size of a static file | 32 megabytes |
| maximum total size of all application and static files | first 1 gigabyte is free $ 0.026 per gigabyte per month after first 1 gigabyte |