Need ideas on implementing a secure payments page (HTTPS) on GAE (using Stripe)
https://stackoverflow.com/questions/8436823
-
11-03-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a GAE application that is mapped to a subdomain on a custom domain. As the result, I have to use HTTP for everything that's being served under that subdomain. This is marginally unsecure, but is acceptable for most of the application except paymets/subscription part.
Right now, I'm leaning towards using Stripe for processing and building a custom form to handle the signup process. It seems that the only way to get HTTPS is to redirect the user explicitly to https://.appspot.com/ and then send them back to the custom subdomain. I also considered a pop-up.
Are there any other ways to implement secure payments page on GAE?
Solution
For now, redirecting to https://your-app-id.appspot.com is the only way to get SSL. However, SSL for custom domains is in testing now, so in the future you will be able to update to that (you could also sign up for the test group and maybe get accepted). This will be an additional cost, though, whereas the SSL on appspot.com is free.
OTHER TIPS
I know it's a little late, but I had a similar problem and ended up using CheddarGettar (for hosted payment pages) w/ stripe as the payment processor. Very happy with it so far
Google App Engine now supports SSL for custom domains.
