嵌入到 iFrame 中时不会加载 Google Apps 脚本 [英] Google Apps Script does not load when embedded into iFrame

问题描述

我正在尝试将我的 Google Apps Script WebApp 嵌入到另一个域上的 iFrame 中，但 Web 应用程序未加载，我只看到白屏.webinspector 中也没有错误.

I am trying to embed my Google Apps Script WebApp into an iFrame on another domain but the webapp is not loaded and I only see a white screen. There is also no error in the webinspector.

Web 应用程序发布为:作为 me 执行并且访问具有给定域内的任何人.

The Webapp is published with: Execute as me and Access has anyone within Given Domain.

根据 this 我像这样实现我的 doGet 方法:

According to this I implemented my doGet method like this:

function doGet(e) {
 return HtmlService
 .createHtmlOutputFromFile('html/index')
 .setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
}

并且 IFrame 看起来像这样:

and the IFrame looks like this:

<iframe src="https://script.google.com/a/my_domain/macros/s/ADjidojcojv/exec" title="test" width="558" height="300"></iframe>

当用户登录 Google 时，将显示 web 应用程序.但是，当用户未登录时，account.google.com 拒绝连接

When the user is logged into Google the webapp is displayed. However when the user is not logged in a grey image with account.google.com refused to connect

我认为原因是有一个重定向到不允许显示的谷歌登录.此外，在这种情况下，还有另一个重定向到 SAML SSO 应用程序.因此，当您正常登录 google 时，您将重定向到 SAML SSO 登录.

I think the reason is that there is a redirect to the google sign in which does not allow to be displayed. Furthermore in this case there is also another redirect to a SAML SSO application. So when you normally sign in into google you will redirect to the SAML SSO login.

我有哪些选择?

我发现有人与 完全一样问题和一种可能的解决方案.显然没有简单的方法可以做到这一点......

I found someone with the exact same problem and one possible solution. Apparently there is no easy way of doing this...

推荐答案

发布具有访问权限的 Web 应用程序时:任何人"，最终用户需要登录.否则，用户将被重定向到 Google登录页面.谷歌的登录页面不允许自己被 iframe.如果您已登录，则网络应用不会重定向到 Google 的登录页面，并且不会出现此错误，否则会出现.

When publishing web-apps with access: "anyone", it is needed for the end user to be logged in. Otherwise, the user is redirected to Google login page. Google's login page does not allow itself to be iframed. If you're logged in, the web app isn't redirected to Google's login page and this error doesn't appear, else it appears.

• 事先警告用户必须登录
• 使用访问权限发布:任何人甚至匿名"
• 如果这是不可能的，可以使用 window.length(少数可跨原点访问的属性之一)检测 iframe 页面是否已加载窗口，该值为 0如果页面拒绝连接并且在网络应用程序中超过 0，因为您的页面是 iframe 的.然后可以将用户重定向到登录页面.

• Warn users beforehand that they must login
• Publish using access: "Anyone even anonymous"
• If that's not possible, It is possible to detect whether the iframed page has window loaded or not using window.length(one of the few properties that is accessible cross origin), which will be 0 if page refused to connect and more than 0 in a web-app, because your page is iframed. Then it is possible to redirect the user to the login page.

<!DOCTYPE html>
<html>
  <body>
    body
    <iframe
      src="https://script.google.com/macros/s/[SCRIPT_ID]/exec"
      >Loading
    </iframe>
    <script>
      const main = (() => {
        console.log("loading page");
        const f = document.querySelector("iframe");
        f.onload = (e) => {
          console.log("iframe onload");
          const fw = f.contentWindow;
          if (fw.length > 0) console.info("logged in");
          else {
            alert("Please Login!");
            window.location = "https://accounts.google.com";
          }
        };
      })();
    </script>
  </body>
</html>

参考:

• 同源政策

这篇关于嵌入到 iFrame 中时不会加载 Google Apps 脚本的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！