Serving blobstore images through SSL

Question

After adding SSL for our domain, I started seeing these kind of warnings:

The page at 'https://www.mydomain.com' was loaded over HTTPS, but displayed insecure content from 'http://lh6.ggpht.com/SfTsfy6g-LC2F_GNdiw12s8agFUjcTPB1AzCJon-dIfTG1zaKGHH9tk6be--gOIg-ubWoFuTAbdlo': this content should also be loaded over HTTPS.

What is the best way to serve those images through SSL aswell. Currently I have a lot of Jinja2 templates referring to the images like this:

{{blobstore_image}}

I can simply replace http with https like this:

{{blobstore_image|replace('http', 'https'}}

But is there a way to always return https links from a Serve Handler's send_blob() instead ?

Thanks.

Answer 1

you could just strip the http: part from the link and it will automatically serve the link with the protocol your page is serving.

so the link would look like this:

//www.yourdomain.com/foobar

Answer 2

You can specify secure_url=True if you are serving the image using the get_serving_url() method:

from google.appengine.api import images

image_serving_url = images.get_serving_url(blob_key, secure_url=True)

This will return a serving URL with the SSL.

Docs: https://cloud.google.com/appengine/docs/standard/python/refdocs/google.appengine.api.images#Image_get_serving_url