HtmlService.XFrameOptionsMode.ALLOWALL 不工作
HtmlService.XFrameOptionsMode.ALLOWALL not working
设置 XframeOptionMode 后,doPost 仍然没有重定向:
var REDIRECT_URL = "https://whosebug.com";
function doGet() {
var template = HtmlService.createTemplateFromFile("CForm.html");
template.pubUrl = ScriptApp.getService().getUrl();
var html = template.evaluate();
html.setTitle('ABCD');
return HtmlService.createHtmlOutput(html).setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
}
function doPost(e){
SendHtmlMail(e);
return redirect().setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
}
function redirect() {
return HtmlService.createHtmlOutput(
"<script>window.top.location.href=\"" + REDIRECT_URL + "\";</script>"
);
}
控制台错误仍然存在
Refused to display 'https://script.google.com/macros/s/AKfycbyb3wh57wgW30KV8faQNqNXSDQ_zu8w3BR-_8kVwUbI/dev' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
HTML
的相关部分
<form class="container" id="main_form" method="post" action="<?= pubUrl ?>">
<div class="form-group">
<label>Business Name</label>
<input type="text" class="form-control" name="BusinessName" id="name" placeholder="Name of Upload" readonly>
</div>
<div class="form-group">
<label>Month and Year of Incorporation</label>
<input type="date" class="form-control" name="MonthandYearofIncorporation">
</div>
<input class="btn btn-md btn-success" type="submit" value="Apply for Carbon"/>
</form>
ScriptApp.getService().getUrl()
returns 你是 Url 类型的
https://script.google.com/macros/s/XXX/dev
而不是
https://script.google.com/macros/s/XXX/exec,
所以开发者版本而不是发布版本。
前者受一些restrictions:
This URL can only be accessed by users who have edit access to the
script. This instance of the app always runs the most recently saved
code — not necessarily a formal version — and is intended for quick
testing during development.
另见 。
如果您将 dev 更改为 exec,这应该可以解决您的问题。
更新:
ScriptApp.getService().getUrl() 为您提供 dev 或 exec URL 取决于您部署 WebApp 的方式。
当您部署为新版本时,您可以选择
“为您的最新代码测试网络应用程序”:
这将为您提供 dev 版本。
如果您改为 运行 WebApp 复制粘贴
Current web app URL 进入您的浏览器:
您的 doGet() 函数将自动检索正确的 exec URL 和 ScriptApp.getService().getUrl().
不过,手动粘贴(硬编码)脚本的 /exec url 版本似乎可以缓解这个问题,但我不想这样做。
我放弃了 doPost 和重定向功能。现在我的 html 现在有这样的脚本:
<html>
...
<body>
... First page ...
... Second page ...
<form class="container d-none" id="main_form" method="post" action="<?pubUrl?>" onsubmit="submitter(this);">
<div class="form-group">
<label>Business Name</label>
<input type="text" class="form-control" name="BusinessName" id="name" placeholder="Name of Upload" readonly>
</div>
<div class="form-group">
<label>Month and Year of Incorporation</label>
<input type="date" class="form-control" name="MonthandYearofIncorporation" required>
</div>
... A very long form
<input class="btn btn-md btn-success" type="submit" value="Apply for Carbon"/>
</form>
...
</body>
<script>
//...
function submitter(data_process){
// Run server-side function when submitted.
google.script.run
.withSuccessHandler(function(){
//alert('Thank You!!! Your application has been received');
window.top.location.replace("https://whosebug.com");
})
.withFailureHandler(function(e){
alert("Unable to submit your application. Please contact us.");
})
.SendHtmlMail(data_process); // Server-side form processing
}
</script>
</html>
设置 XframeOptionMode 后,doPost 仍然没有重定向:
var REDIRECT_URL = "https://whosebug.com";
function doGet() {
var template = HtmlService.createTemplateFromFile("CForm.html");
template.pubUrl = ScriptApp.getService().getUrl();
var html = template.evaluate();
html.setTitle('ABCD');
return HtmlService.createHtmlOutput(html).setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
}
function doPost(e){
SendHtmlMail(e);
return redirect().setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
}
function redirect() {
return HtmlService.createHtmlOutput(
"<script>window.top.location.href=\"" + REDIRECT_URL + "\";</script>"
);
}
控制台错误仍然存在
Refused to display 'https://script.google.com/macros/s/AKfycbyb3wh57wgW30KV8faQNqNXSDQ_zu8w3BR-_8kVwUbI/dev' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
HTML
的相关部分 <form class="container" id="main_form" method="post" action="<?= pubUrl ?>">
<div class="form-group">
<label>Business Name</label>
<input type="text" class="form-control" name="BusinessName" id="name" placeholder="Name of Upload" readonly>
</div>
<div class="form-group">
<label>Month and Year of Incorporation</label>
<input type="date" class="form-control" name="MonthandYearofIncorporation">
</div>
<input class="btn btn-md btn-success" type="submit" value="Apply for Carbon"/>
</form>
ScriptApp.getService().getUrl()
returns 你是 Url 类型的
https://script.google.com/macros/s/XXX/dev
而不是
https://script.google.com/macros/s/XXX/exec,
所以开发者版本而不是发布版本。
前者受一些restrictions:
This URL can only be accessed by users who have edit access to the script. This instance of the app always runs the most recently saved code — not necessarily a formal version — and is intended for quick testing during development.
另见
如果您将 dev 更改为 exec,这应该可以解决您的问题。
更新:
ScriptApp.getService().getUrl() 为您提供 dev 或 exec URL 取决于您部署 WebApp 的方式。
当您部署为新版本时,您可以选择
“为您的最新代码测试网络应用程序”:
这将为您提供 dev 版本。
如果您改为 运行 WebApp 复制粘贴
Current web app URL 进入您的浏览器:
您的 doGet() 函数将自动检索正确的 exec URL 和 ScriptApp.getService().getUrl().
不过,手动粘贴(硬编码)脚本的 /exec url 版本似乎可以缓解这个问题,但我不想这样做。
我放弃了 doPost 和重定向功能。现在我的 html 现在有这样的脚本:
<html>
...
<body>
... First page ...
... Second page ...
<form class="container d-none" id="main_form" method="post" action="<?pubUrl?>" onsubmit="submitter(this);">
<div class="form-group">
<label>Business Name</label>
<input type="text" class="form-control" name="BusinessName" id="name" placeholder="Name of Upload" readonly>
</div>
<div class="form-group">
<label>Month and Year of Incorporation</label>
<input type="date" class="form-control" name="MonthandYearofIncorporation" required>
</div>
... A very long form
<input class="btn btn-md btn-success" type="submit" value="Apply for Carbon"/>
</form>
...
</body>
<script>
//...
function submitter(data_process){
// Run server-side function when submitted.
google.script.run
.withSuccessHandler(function(){
//alert('Thank You!!! Your application has been received');
window.top.location.replace("https://whosebug.com");
})
.withFailureHandler(function(e){
alert("Unable to submit your application. Please contact us.");
})
.SendHtmlMail(data_process); // Server-side form processing
}
</script>
</html>