REGION_ID is an abbreviated code that Google assigns
based on the region you select when you create your app. The code does not
correspond to a country or province, even though some region IDs may appear
similar to commonly used country and province codes. For apps created after
REGION_ID.r is included in
App Engine URLs. For existing apps created before this date, the
region ID is optional in the URL.
Learn more about region IDs.
This page describes how to issue HTTP(S) requests from your App Engine app.App Engine uses the URL Fetch service to issue outbound HTTP(S) requests. For details on request size limits and which headers are sent in a URL Fetch request, see Outbound Requests.
Issuing an HTTP request
The PHP language provides several functions for making remote HTTP requests. These are implemented in different ways in Google App Engine, and are subject to different quotas and costs:
- Stream handlers: The native
https://PHP stream handlers are configured to use App Engine's URL Fetch service to make HTTP requests. Many PHP functions such as file_get_contents() use stream handlers indirectly, and thus also use the URL Fetch service.
- cURL extension: The cURL extension uses the Sockets service. The cURL extension must be enabled in your application's php.ini file and billing must be enabled for your project.
- cURL "lite": cURL "lite" is a Google-supplied version of the cURL library
that uses the
URL Fetch service instead of
the Sockets service. You must enable cURL "lite" in your application's
The following methods of the cURL extension are not supported:
- support for non-standard protocols
- support for ports other than 80 (HTTP) or 443 (HTTPS)
Deciding whether to use cURL, cURL Lite, or stream wrappers depends largely on your application and preference. If you are unsure, use the Guzzle HTTP library. Guzzle provides an abstraction layer for HTTP requests, which allows you to change the underlying service without rewriting application code.
The standard HTTP(S) stream handlers are used in built-in PHP
functions such as
$url = 'http://httpbin.org/post?query=update'; $data = ['data' => 'this', 'data2' => 'that']; $headers = "accept: */*\r\n" . "Content-Type: application/x-www-form-urlencoded\r\n" . "Custom-Header: custom-value\r\n" . "Custom-Header-Two: custom-value-2\r\n"; $context = [ 'http' => [ 'method' => 'POST', 'header' => $headers, 'content' => http_build_query($data), ] ]; $context = stream_context_create($context); $result = file_get_contents($url, false, $context);
cURL and cURL "lite"
$url = 'http://httpbin.org/post?query=update'; $data = ['data' => 'this', 'data2' => 'that']; $headers = [ 'Accept: */*', 'Content-Type: application/x-www-form-urlencoded', 'Custom-Header: custom-value', 'Custom-Header-Two: custom-value-2' ]; // open connection $ch = curl_init(); // set curl options $options = [ CURLOPT_URL => $url, CURLOPT_POST => count($data), CURLOPT_POSTFIELDS => http_build_query($data), CURLOPT_HTTPHEADER => $headers, CURLOPT_RETURNTRANSFER => true, ]; curl_setopt_array($ch, $options); // execute $result = curl_exec($ch); // close connection curl_close($ch);
By default, Guzzle uses PHP's stream handler, but will automatically use a cURL handler if cURL or cURL "lite" is enabled.
$url = 'http://httpbin.org/post?query=update'; $data = ['data' => 'this', 'data2' => 'that']; $headers = [ 'Accept' => '*/*', 'Content-Type' => 'application/x-www-form-urlencoded', 'Custom-Header' => 'custom-value', 'Custom-Header-Two' => 'custom-value', ]; $guzzle = new GuzzleHttp\Client; $request = new GuzzleHttp\Psr7\Request('POST', $url, $headers, http_build_query($data)); $result = $guzzle->send($request);
Setting a request timeout
timeout option in
HTTP context to alter
If you are using URL Fetch, the underlying URL Fetch service follows up to five redirects by default. These redirects could forward sensitive information, such as authorization headers, to the redirected destination. If your app does not require HTTP redirects, it is recommended that you disable the redirects.
To instruct the URL Fetch service to not follow redirects, your app must
follow_location parameter in the
HTTP context options
Issuing an HTTPS request
See Issuing an HTTP Request above.
Disabling host certificate validation
By default, the App Engine implementation of the HTTPS wrapper attempts
to validate the certificate of the host, and rejects requests where the
certificate does not match. To disable this behavior, set the value of
false in the
SSL/TLS context options.
Issuing a request to another App Engine app
When issuing a request to another App Engine app, your App Engine app
must assert its identity by adding the header
to the request.
If you instruct the URL Fetch service to not follow redirects, App Engine
will add this header to requests automatically.
See Disabling redirects for guidance on disabling redirects.
Learn about the URL Fetch service, such as the headers that are sent in a URL Fetch request in Outbound Requests.