gddo-server: Remove https redirect for "" domain

With the move of to app engine, the TLS is being stripped
before it hits the gddo-server. This causes an infinite redirect as it
continuously tries to redirect to https even though https is already
being used.

HSTS headers were also removed. Strict TLS is really not needed for
this site. It is a security feature unlikely to provide much security
while at the same time getting in the way if we ever need to host in a non-https enviornment.

Change-Id: Id6f7fd2e1675320ec322077c19834bf4c135ffee
Reviewed-by: Andrew Gerrand <>
1 file changed