A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from http://cloud.google.com/appengine/docs/standard/reference/request-headers below:

Request headers and responses | Google App Engine standard environment docs

Request headers and responses

Stay organized with collections Save and categorize content based on your preferences.

Region ID

The REGION_ID is an abbreviated code that Google assigns based on the region you select when you create your app. The code does not correspond to a country or province, even though some region IDs may appear similar to commonly used country and province codes. For apps created after February 2020, REGION_ID.r is included in App Engine URLs. For existing apps created before this date, the region ID is optional in the URL.

Learn more about region IDs.

Use this reference page for details about what HTTP headers are supported as well as the request and response limits in App Engine. To understand how App Engine receives requests and sends responses, see How Requests Are Handled.

An incoming HTTP request includes the HTTP headers sent by the client. For security purposes, some headers are sanitized, amended, or removed by intermediate proxies before they reach the application.

The following headers are removed from incoming requests if a client sends them:

In addition, the following headers are removed from incoming requests because they relate to the transfer of the HTTP data between the client and server:

For example, the server may automatically send a gzipped response depending on the value of the Accept-Encoding request header. The application itself does not need to know which content encodings the client can accept.

Note: Entity headers (headers relating to the request body) are not sanitized or checked, so applications should not rely on them. In particular, the Content- MD5 request header is sent unmodified to the application, so may not match the MD5 hash of the content. Also, the Content-Encoding request header is not checked by the server, so if the client sends a gzipped request body, it will be sent in compressed form to the application.

As a service to the app, App Engine adds the following headers to all requests:

X-Appengine-Country
Country from which the request originated, as an ISO 3166-1 alpha-2 country code. App Engine determines this code from the client's IP address. Note that the country information is not derived from the WHOIS database; it's possible that an IP address with country information in the WHOIS database will not have country information in the X-Appengine-Country header. Your application should handle the special country code ZZ (unknown country).
X-Appengine-Region
Name of region from which the request originated. This value only makes sense in the context of the country in X -Appengine-Country. For example, if the country is "US" and the region is "ca", that "ca" means "California", not Canada. The complete list of valid region values is found in the ISO-3166-2 standard.
X-Appengine-City
Name of the city from which the request originated. For example, a request from the city of Mountain View might have the header value mountain view. There is no canonical list of valid values for this header. If the city can't be resolved, the header value is set to ?.
X-Appengine-CityLatLong
Latitude and longitude of the city from which the request originated. This string might look like "37.386051,-122.083851" for a request from Mountain View. If the city can't be resolved, the header value is set to 0.000000,0.000000.
X-Cloud-Trace-Context
A unique identifier for the request used for Cloud Trace and Cloud Logging. There isn't an option to disable this header or choose the sampling rate for tracing since all App Engine standard environment apps are traced automatically.
X-Forwarded-For: [CLIENT_IP(s)], [global forwarding rule IP]

A comma-delimited list of IP addresses through which the client request has been routed. The first IP in this list is generally the IP of the client that created the request. The subsequent IPs provide information about proxy servers that also handled the request before it reached the application server. For example:

X-Forwarded-For: clientIp, proxy1Ip, proxy2Ip
X-Forwarded-Proto [http | https]

Shows http or https based on the protocol the client used to connect to your application.

The Google Cloud Load Balancer terminates all https connections, and then forwards traffic to App Engine instances over http. For example, if a user requests access to your site via https://PROJECT_ID.REGION_ID.r.appspot.com, the X- Forwarded-Proto header value is https.

In addition, App Engine may set the following headers which are for internal use by App Engine:

App Engine services may add additional request headers:

Request responses

This HTTP header documentation only applies to responses to inbound HTTP requests. The response may be modified before it is returned to the client.

The following headers are ignored and removed from the response:

* May be re-added if the response is compressed by App Engine.

Headers with non-ASCII characters in either the name or value are also removed.

The following headers are added or replaced in the response:

Cache-Control, Expires and Vary

These headers specify caching policy to intermediate web proxies (such as the Google Frontend and Internet Service Providers) and browsers. If your app sets these response headers, they will usually be unmodified unless your app also sets a Set-Cookie header, or the response is generated for a user who is signed in using an administrator account.

If your app sets a Set-Cookie response header, the Cache-Control header will be set to private (if it is not already more restrictive) and the Expires header will be set to the current date (if it is not already in the past). Generally, this will allow browsers to cache the response, but not intermediate proxy servers. This is for security reasons, since if the response was cached publicly, another user could subsequently request the same resource, and retrieve the first user's cookie.

Note: For all runtimes except Java, the development server disables caching by default (for both script and static content), so that if you do not specify caching headers, you will not have cached content while developing your app.

If your app does not set the Cache-Control response header, the server may set it to private and add a Vary: Accept-Encoding header.

For more information about caching, including the list of Vary values that the Google Frontend supports, see Response caching.

Content-Encoding

Depending upon the request headers and response Content-Type, the server may automatically compress the response body, as described above. In this case, it adds a Content-Encoding: gzip header to indicate that the body is compressed. See the section on response compression for more detail.

Content-Length or Transfer-Encoding

The server always ignores the Content-Length header returned by the application. It will either set Content-Length to the length of the body (after compression, if compression is applied), or delete Content-Length, and use chunked transfer encoding (adding a Transfer-Encoding: chunked header). If Content-Length is set incorrectly for second-generation runtimes, App Engine returns a 500 response.

Date

Set to the current date and time.

Server
Set to Google Frontend. The development server sets this to Development/x, where x is the version number.

If you access dynamic pages on your site while signed in using an administrator account, App Engine includes per-request statistics in the response headers:

X-Appengine-Resource-Usage
The resources used by the request, including server-side time as a number of milliseconds.

Responses with resource usage statistics will be made uncacheable.

Custom HTTP Response headers can be set per URL for dynamic and static paths in your application's configuration file. See the http_headers sections in the configuration documentation for more details.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-08-07 UTC.

[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["The `REGION_ID` is a region-specific code assigned by Google for App Engine apps, incorporated into URLs for apps created after February 2020, and it does not correspond to a specific country."],["Certain HTTP headers are removed from incoming requests for security and functionality reasons, including those matching the `X-Google-*` pattern, App Engine-specific headers, and those related to HTTP data transfer like `Accept-Encoding` and `Connection`."],["App Engine adds specific headers to all requests, such as `X-Appengine-Country`, `X-Appengine-Region`, and `X-Cloud-Trace-Context`, to provide information about the request's origin and tracing data."],["When responding to inbound HTTP requests, App Engine modifies the headers, removing certain ones like `Connection` and `Content-Length`, and adding or replacing others like `Cache-Control` and `Date`."],["App Engine may automatically compress response bodies, adding `Content-Encoding: gzip` to the header when applied, and the server will manage `Content-Length` or use chunked transfer encoding (`Transfer-Encoding: chunked`)."]]],[]]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4