All geek questions in one place

Embedding Google Apps Script in iFrame

I am trying to embed a page that is dynamically built using Javascript in Google Apps Script on my website in iFrame, but the contents of the iFrame are not displayed. Google Apps Script has a policy of the same origin that prevents it from downloading.

I am trying to do this (I deleted the full link):

<iframe src="https://script.google.com/a/macros/SCRIPT_ID"></iframe>

The error I am getting is:

 Refused to display 'https://script.google.com/a/macros/SCRIPT_ID' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

Is there a way to change the policy and load the content in an iFrame?

+7
source share
2 answers

Google recently turned on this feature. It has long been under the status of "request function." Link here

Now you can explicitly define X-Frame-Options.

To allow embedding in another domain, the parameter must be HtmlService.XFrameOptionsMode.ALLOWALL

Google Docs:

https://developers.google.com/apps-script/reference/html/html-output#setXFrameOptionsMode(XFrameOptionsMode)

Example:

 function doGet() { return HtmlService.createTemplateFromFile('form.html') .evaluate() // evaluate MUST come before setting the Sandbox mode .setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL); }

Hope this helps!

+13
source

I had this problem in the doPost response form, only in dev mode, and corrected it by changing target = "_ self" to target = "_ top" in the original doGet form.

  <form method="POST" id="ss-form" target="_top" action="<?!=SETTINGS.PUBLISHED_URL?>">
+2
source

Source: https://habr.com/ru/post/1260447/

More articles:


All Articles