Google App Engine is a great platform for getting things done quickly. However, it can be very unpleasant to work with due to its sandboxed environment and close source code. Basic needs such as installing third-party libraries can be tricky to install as well.

Getting one of the most popular python libraries, python-requests, was particularly tricky to get it running and working with SSL connections. I’ll walk through how I fixed the issue.

Start by adding the library to the project:

# From project root.
pip install -t lib/ requests

The above command pip-installs the requests library into the lib directory. This is where all the third-party libraries can be placed.

Now we need to let App Engine know about this. Create or modify the file in the root of the project.

from google.appengine.ext import vendor
vendor.add('lib') runs when a new instance is created. vendor.add adds the specified path to $PYTHONPATH.

At this point, most third-party libraries work just fine. However, there’s a bit of work that needs to be done to get requests working.

Head over to http://localhost:8000/console and execute:

import requests

r = requests.get('')

In a normal Python environment, the code executes just fine printing a 200 status. But on GAE, the following exception occurs:

Traceback (most recent call last):
line 225, in handle_interactive_request
    exec(compiled_code, self._command_globals)
  File "<string>", line 1, in <module>
  File ".../lib/requests/", line 58, in <module>
    from . import utils
  File ".../lib/requests/", line 26, in <module>
    from .compat import parse_http_list as _parse_list_header
  File ".../lib/requests/", line 42, in <module>
    from .packages.urllib3.packages.ordered_dict import OrderedDict
  File ".../lib/requests/packages/", line 95, in load_module
    raise ImportError("No module named '%s'" % (name,))
ImportError: No module named 'requests.packages.urllib3'

The issue goes away once the ssl library is included in app.yaml:

- name: ssl
  version: latest

But wait, there’s more! The code should now work remotely. However, it still doesn’t work on the development server.

Traceback (most recent call last):
  File "/Applications/", line 225, in handle_interactive_request
    exec(compiled_code, self._command_globals)
  File "<string>", line 3, in <module>
  File ".../lib/requests/", line 68, in get
    return request('get', url, **kwargs)
  File ".../lib/requests/", line 50, in request
    response = session.request(method=method, url=url, **kwargs)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/", line 387, in wrap_socket
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/", line 141, in __init__
TypeError: must be _socket.socket, not socket

The problem is GAE has a “whitelist” of select standard libraries. SSL (_ssl, _socket) is not one of them. So, we need to tweak the sandbox environment (dangerous) carefully. The below code uses the standard Python socket library instead of the GAE-provided in the development environment. Modify

import os

# Workaround the dev-environment SSL
if os.environ.get('SERVER_SOFTWARE', '').startswith('Development'):
    import imp
    import os.path
    from import sandbox

    sandbox._WHITE_LIST_C_MODULES += ['_ssl', '_socket']
    # Use the system socket.
    psocket = os.path.join(os.path.dirname(os.__file__), '')
    imp.load_source('socket', psocket)
INFO     2015-04-04 06:57:28,449] default: "POST / HTTP/1.1" 200 4
INFO     2015-04-04 06:57:46,868] Starting new HTTPS connection

This solution mostly works, except for non-blocking sockets. I haven’t had a need for that yet :)


0: Open issue that is 2 years old