Issuing HTTP(S) Requests

This page describes how to issue HTTP(S) requests from your App Engine app.

App Engine uses the URL Fetch service to issue outbound HTTP(S) requests. For details about how the URL Fetch service is implemented and which headers are sent in a URL Fetch request, see Outbound Requests.

  1. Issuing an HTTP request
    1. Setting a request timeout
  2. Issuing an HTTPS request
    1. Disabling host certificate validation
  3. Issuing a request to another App Engine app

Issuing an HTTP request

The PHP language provides several functions for making remote HTTP requests. These are implemented in different ways in Google App Engine, and are subject to different quotas and costs:

  • Stream handlers: The native http:// and https:// PHP stream handlers are configured to use App Engine's URL Fetch service to make HTTP requests. Many PHP functions such as file_get_contents() use stream handlers indirectly, and thus also use the URL Fetch service.
  • cURL extension: The cURL extension uses the Sockets service. The cURL extension must be enabled in your application's php.ini file and billing must be enabled for your project.
  • cURL "lite": cURL "lite" is a Google-supplied version of the cURL library that uses the URL Fetch service instead of the Sockets service. You must enable cURL "lite" in your application's php.ini file. The following methods of the cURL extension are not supported:
    • curl_multi_* functions
    • support for non-standard protocols
    • support for ports other than 80 (HTTP) or 443 (HTTPS)

Deciding whether to use cURL, cURL Lite, or stream wrappers depends largely on your application and preference. If you are unsure, use the Guzzle HTTP library. Guzzle provides an abstraction layer for HTTP requests, which allows you to change the underlying service without rewriting application code.

Stream handlers

The standard HTTP(S) stream handlers are used in built-in PHP functions such as fopen() and file_get_contents().

$url = '';
$data = ['data' => 'this', 'data2' => 'that'];
$headers = "accept: */*\r\n" .
    "Content-Type: application/x-www-form-urlencoded\r\n" .
    "Custom-Header: custom-value\r\n" .
    "Custom-Header-Two: custom-value-2\r\n";

$context = [
    'http' => [
        'method' => 'POST',
        'header' => $headers,
        'content' => http_build_query($data),
$context = stream_context_create($context);
$result = file_get_contents($url, false, $context);

cURL and cURL "lite"

Enable cURL or cURL "lite" in php.ini to use cURL functions for outbound requests. cURL "lite" uses the URL Fetch service, while cURL uses the Sockets API

$url = '';
$data = ['data' => 'this', 'data2' => 'that'];
$headers = [
    'Accept: */*',
    'Content-Type: application/x-www-form-urlencoded',
    'Custom-Header: custom-value',
    'Custom-Header-Two: custom-value-2'

// open connection
$ch = curl_init();

// set curl options
$options = [
    CURLOPT_URL => $url,
    CURLOPT_POST => count($data),
    CURLOPT_POSTFIELDS => http_build_query($data),
    CURLOPT_HTTPHEADER => $headers,
curl_setopt_array($ch, $options);

// execute
$result = curl_exec($ch);

// close connection


By default, Guzzle uses PHP's stream handler, but will automatically use a cURL handler if cURL or cURL "lite" is enabled.

$url = '';
$data = ['data' => 'this', 'data2' => 'that'];
$headers = [
    'Accept' => '*/*',
    'Content-Type' => 'application/x-www-form-urlencoded',
    'Custom-Header' => 'custom-value',
    'Custom-Header-Two' => 'custom-value',

$guzzle = new GuzzleHttp\Client;
$request = new GuzzleHttp\Psr7\Request('POST', $url, $headers, http_build_query($data));
$result = $guzzle->send($request);

Setting a request timeout

Use the timeout option in HTTP context to alter the deadline.

Issuing an HTTPS request

See Issuing an HTTP Request above.

Disabling host certificate validation

By default, the App Engine implementation of the HTTPS wrapper attempts to validate the certificate of the host, and rejects requests where the certificate does not match. To disable this behavior, set the value of verify_peer to false in the SSL/TLS context options.

Issuing a request to another App Engine app

When issuing a request to another App Engine app, your App Engine app must assert its identity by adding the header X-Appengine-Inbound-Appid to the request. If you instruct the URL Fetch service to not follow redirects, App Engine will add this header to requests automatically.

To instruct the URL Fetch service to not follow redirects, your app must set the follow_location parameter in the HTTP context options to false.

What's next

Learn about the URL Fetch service, such as the headers that are sent in a URL Fetch request in Outbound Requests.

Send feedback about...

App Engine standard environment for PHP