If #validateCertificate() is called the URLFetchService
operation will, if using an HTTPS connection, instruct the application to
send a request to the server only if the certificate is valid and signed by a
trusted certificate authority (CA), and also includes a hostname that matches
the certificate.
If the certificate validation fails, a javax.net.ssl.SSLHandshakeException exception is thrown.
HTTP connections are unaffected by this option.
If #doNotValidateCertificate() is called the
URLFetchService will not validate the server's SSL certificate
in any fashion. This is the default behavior. Note, however, that validation
will be turned on by default in the near future. If you rely upon making
requests to a site with an invalid or untrusted certificate, you should
explicitly call #doNotValidateCertificate() to avoid errors in future
versions.
Notes on usage:
The recommended way to instantiate a FetchOptions object is to
statically import Builder.* and invoke a static
creation method followed by an instance mutator (if needed):
Disables certificate validation on HTTPS connections. Please read the
class javadoc for an explanation of how this option affects certificate
validation behavior.
Enables certificate validation on HTTPS connections via the normal
CA-based mechanism. Please read the class javadoc for an explanation of
how this option affects certificate validation behavior.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003e\u003ccode\u003eFetchOptions\u003c/code\u003e allows customization of \u003ccode\u003eURLFetchService\u003c/code\u003e operations, including response truncation and redirect handling.\u003c/p\u003e\n"],["\u003cp\u003eUsers can enable response truncation with \u003ccode\u003eallowTruncate()\u003c/code\u003e, or they can disable it with \u003ccode\u003edisallowTruncate()\u003c/code\u003e and throw a \u003ccode\u003eResponseTooLargeException\u003c/code\u003e for large responses.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003efollowRedirects()\u003c/code\u003e and \u003ccode\u003edoNotFollowRedirects()\u003c/code\u003e methods allow control over whether the \u003ccode\u003eURLFetchService\u003c/code\u003e follows HTTP redirects.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003evalidateCertificate()\u003c/code\u003e and \u003ccode\u003edoNotValidateCertificate()\u003c/code\u003e methods control the validation of SSL certificates for HTTPS connections, where the default behavior is to not validate, but this will be changed in the future.\u003c/p\u003e\n"],["\u003cp\u003eYou can set the deadline for a fetch request using the method \u003ccode\u003esetDeadline(Double deadline)\u003c/code\u003e, which sets the timeout in seconds.\u003c/p\u003e\n"]]],[],null,["# Class FetchOptions (2.0.0)\n\n public final class FetchOptions implements Serializable\n\nAllows users to customize the behavior of [URLFetchService](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.URLFetchService)\noperations.\n\n\nIf [#allowTruncate()](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_allowTruncate__) is called, [URLFetchService](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.URLFetchService)\nwill truncate large responses and return them without error.\n\n\nIf [#disallowTruncate](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_disallowTruncate_) is called,\n[ResponseTooLargeException](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.ResponseTooLargeException) will be thrown if the response is too\nlarge.\n\n\nIf [#followRedirects()](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_followRedirects__) is called the [URLFetchService](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.URLFetchService)\noperation will follow redirects.\n\n\nIf [#doNotFollowRedirects()](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_doNotFollowRedirects__) is called the [URLFetchService](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.URLFetchService)\noperation will not follow redirects.\n\n\nIf [#validateCertificate()](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_validateCertificate__) is called the [URLFetchService](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.URLFetchService)\noperation will, if using an HTTPS connection, instruct the application to\nsend a request to the server only if the certificate is valid and signed by a\ntrusted certificate authority (CA), and also includes a hostname that matches\nthe certificate.\nIf the certificate validation fails, a javax.net.ssl.SSLHandshakeException exception is thrown.\nHTTP connections are unaffected by this option.\n\n\nIf [#doNotValidateCertificate()](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_doNotValidateCertificate__) is called the\n[URLFetchService](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.URLFetchService) will not validate the server's SSL certificate\nin any fashion. This is the default behavior. Note, however, that validation\nwill be turned on by default in the near future. If you rely upon making\nrequests to a site with an invalid or untrusted certificate, you should\nexplicitly call [#doNotValidateCertificate()](/appengine/docs/standard/java-gen2/reference/services/bundled/latest/com.google.appengine.api.urlfetch.FetchOptions#com_google_appengine_api_urlfetch_FetchOptions_doNotValidateCertificate__) to avoid errors in future\nversions.\n\n\nNotes on usage: \n\nThe recommended way to instantiate a `FetchOptions` object is to\nstatically import Builder.\\* and invoke a static\ncreation method followed by an instance mutator (if needed): \n\n\n import static com.google.appengine.api.urlfetch.FetchOptions.Builder.*;\n\n ...\n URL url = getURLToFetch();\n urlFetchService.fetch(new HTTPRequest(url, HTTPMethod.GET,\n allowTruncate()));\n\n urlFetchService.fetch(new HTTPRequest(url, HTTPMethod.GET,\n allowTruncate().doNotFollowRedirects()));\n \nInheritance\n-----------\n\n[java.lang.Object](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html) \\\u003e FetchOptions \n\nImplements\n----------\n\n[Serializable](https://docs.oracle.com/javase/8/docs/api/java/io/Serializable.html) \n\nInherited Members\n-----------------\n\n[Object.clone()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#clone--) \n[Object.equals(Object)](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#equals-java.lang.Object-) \n[Object.finalize()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#finalize--) \n[Object.getClass()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#getClass--) \n[Object.hashCode()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#hashCode--) \n[Object.notify()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notify--) \n[Object.notifyAll()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notifyAll--) \n[Object.toString()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#toString--) \n[Object.wait()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait--) \n[Object.wait(long)](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-) \n[Object.wait(long,int)](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-int-)\n\nStatic Fields\n-------------\n\n### DEFAULT_ALLOW_TRUNCATE\n\n public static final boolean DEFAULT_ALLOW_TRUNCATE\n\n### DEFAULT_DEADLINE\n\n public static final @Nullable Double DEFAULT_DEADLINE\n\nThe default deadline is 5 seconds.\n\n### DEFAULT_FOLLOW_REDIRECTS\n\n public static final boolean DEFAULT_FOLLOW_REDIRECTS\n\nMethods\n-------\n\n### allowTruncate()\n\n public FetchOptions allowTruncate()\n\nEnables response truncation. Please read\nthe class javadoc for an explanation of how allowTruncate is used.\n\n### disallowTruncate()\n\n public FetchOptions disallowTruncate()\n\nDisables response truncation. Please read\nthe class javadoc for an explanation of how allowTruncate is used.\n\n### doNotFollowRedirects()\n\n public FetchOptions doNotFollowRedirects()\n\nDisables following of redirects. Please read\nthe class javadoc for an explanation of how doNotFollowRedirects is used.\n\n### doNotValidateCertificate()\n\n public FetchOptions doNotValidateCertificate()\n\nDisables certificate validation on HTTPS connections. Please read the\nclass javadoc for an explanation of how this option affects certificate\nvalidation behavior.\n\n### followRedirects()\n\n public FetchOptions followRedirects()\n\nEnables following of redirects. Please read\nthe class javadoc for an explanation of how followRedirects is used.\n\n### getAllowTruncate()\n\n public boolean getAllowTruncate()\n\n### getDeadline()\n\n public @Nullable Double getDeadline()\n\n### getFollowRedirects()\n\n public boolean getFollowRedirects()\n\n### getValidateCertificate()\n\n public boolean getValidateCertificate()\n\n### setDeadline(Double deadline)\n\n public FetchOptions setDeadline(Double deadline)\n\nSets the deadline, in seconds, for the fetch request.\n\n### validateCertificate()\n\n public FetchOptions validateCertificate()\n\nEnables certificate validation on HTTPS connections via the normal\nCA-based mechanism. Please read the class javadoc for an explanation of\nhow this option affects certificate validation behavior."]]
