12

I have a simple Google Apps Script ContentService that emits a string like "Hello world Sat Jul 14 2012 14:17:21 GMT+1000 (EST)" The url is https://script.google.com/macros/s/AKfycbxbFFG95mi8PWVNCE8366XaxnXQrt6p7p3OWbclXch_bbWczQ/exec and it's open to anonymous. Feel free to hit it. The code is:

function doGet() {
  var output = ContentService.createTextOutput()
      .setMimeType(ContentService.MimeType.TEXT)
      .setContent("Hello world " + new Date());
  Logger.log(output.getContent());
  return output;
}

When I visit the URL in a browser it returns the string as expected (pass.png). When I use the same URL in an XHR (ajax call) it fails with an empty error. In the developer tools in Chrome the redirect is "(canceled)" (fail.png) . Here is the code to reproduce the fail:

<!DOCTYPE html>
<html>
<head>
<script>
function loadXMLDoc() {
  xhr=new XMLHttpRequest();
  xhr.onreadystatechange=function() {
  if (xhr.readyState==4 && xhr.status==200) {
    document.getElementById("myDiv").innerHTML=xhr.responseText;
    }
  };
  xhr.open("GET","https://script.google.com/macros/s/AKfycbxbFFG95mi8PWVNCE8366XaxnXQrt6p7p3OWbclXch_bbWczQ/exec",true);
  xhr.send();
}
</script>
</head>
<body>

<h2>Using the XMLHttpRequest object</h2>
<div id="myDiv"></div>
<button type="button" onclick="loadXMLDoc()">Get Content via XHR</button>
</body>
</html>

Direct request: DIrect requestpass.png XHR request: enter image description here My question (hopefully specific enough): How do I make XHR calls from a plain old web page on example.com to GET content from anonymous Google Apps Script ContentService scripts?

Rubén
  • 34,714
  • 9
  • 70
  • 166
Peter
  • 5,501
  • 2
  • 26
  • 42
  • ....same question....interesting. – Daniel Möller Feb 13 '16 at 17:39
  • Possible duplicate of [Google Apps Script cross-domain requests stopped working](http://stackoverflow.com/questions/29525860/google-apps-script-cross-domain-requests-stopped-working) – Rubén Feb 13 '17 at 03:05

1 Answers1

9

I am not sure this is currently possible. We considered the JSONP method (which does work; I've tested it) but I don't think making an XHR against ContentService was ever tested. We'd probably need to set up CORS headers for this. Please file a feature request on the issue tracker and we'll see if it can be done.

Corey G
  • 7,754
  • 1
  • 28
  • 28
  • Done here http://code.google.com/p/google-apps-script-issues/issues/detail?id=1563 and I will also try the JSONP script method and report back here. – Peter Jul 15 '12 at 22:06
  • 2
    JSONP script injection worked fine. Thanks. So, my post mortem is JS 101: the Browser has refused to do the final GET because the GAS server would need to (at the minimum) add a CORS header "Access-Control-Allow-Origin: somedomain | *" https://developer.mozilla.org/en/http_access_control. The GAS server emits no such header. In the header's absence, the browser side script is subject to the same origin policy (https://developer.mozilla.org/en/Same_origin_policy_for_JavaScript) and hence the GET's status "(canceled)". – Peter Jul 16 '12 at 08:01
  • 2
    Hi @PeterHerrmann after more than a year I am stuck in the same problem -- did you manage to find a solution for this? Thanks, Fausto. – Fausto R. Nov 20 '13 at 22:20
  • 2
    Yes @FaustoR., you need to make your ContentService return JSONP not JSON. – Peter Nov 21 '13 at 02:37
  • Ok I got it :). The problem was with not having "anyone, even anonymous" authorization (basically no authorization) as explained here: http://stackoverflow.com/questions/27725424/content-service-for-google-apps-script-returning-html-instead-of-json/ . Due to that, the return data was an authorization page, not the JSONP content. It works now. – Sujay Phadke Dec 17 '15 at 01:13
  • forgot to mention: the "prefix" callback function doesn't work. I have to use 'onreadystatechange' as outlined by @SandyGood below – Sujay Phadke Dec 17 '15 at 01:30
  • 1
    issue referred on [this comment](http://stackoverflow.com/questions/11481222/how-do-i-make-xhr-ajax-requests-against-google-apps-script-contentservice-work/11488892#comment15186292_11488892) is marked as won't fix. cc @PeterHerrmann. – Rubén Feb 13 '17 at 02:59