[gcv]

I'm not an App Engine apologist, although I'm seriously evaluating it for my current project. That said, could you please clarify the following points:

1. "You're supposed to handle exceptions from the datastore? Really?" — Are you saying you don't handle exceptions when your regular relational database throws them? I've seen Sybase and MySQL blow up with depressing regularity, and have had to write exception-recovery code for them.

2. "No https with a domain?" — What stops you from making https://<your-app>.appspot.com the handler for forms which read sensitive information? You can submit the form with XHR, have the server send back a structured response (perhaps as JSON), and deal with it with JavaScript on the client. I admit that it's annoying (you need different form submit targets in development and production), but it shouldn't be a deal-breaker unless you need your entire site to use SSL.

(If you do need your entire site to use SSL, then the appspot domain limitation obviously sucks. If that's the case though, then you're probably doing something with finance, and the datastore's transaction semantics probably cannot work for you at all.)

[pak]

Re: https with a different domain. XHR doesn't let you access a different domain, you'd have to use JSONP which won't let you trap errors easily. And if I weren't sitting at a page served by HTTPS, I would not enter credit card information, and most web users are trained to look for the padlock icon and all that.