2

I was making a web app using google apps script, and I have been getting errors like this:

Access to CSS stylesheet at 'https://script.google.com/.../exec?url=style.css' from origin 'https://...-script.googleusercontent.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Access to script at 'https://script.google.com/.../exec?url=script.js' from origin 'https://...-script.googleusercontent.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

how would I add an Access-Control-Allow-Origin header?

function doGet(e){
  var t,r;
//...
  if(t=='text/html'||t=='text/x-server-parsed-html'){return HtmlService.createHtmlOutput(r);}
  r=ContentService.createTextOutput(r);
  r.setMimeType(ContentService.MimeType.TEXT);
  if(/[^\/]+?\/([^.]+?\.)?([^+]+?\+)?xml/.test(t)){r.setMimeType(ContentService.MimeType.XML);}
  if(t=='application/atom+xml'){r.setMimeType(ContentService.MimeType.ATOM);}
  if(t=='text/csv'){r.setMimeType(ContentService.MimeType.CSV);}
  if(t=='text/calendar'){r.setMimeType(ContentService.MimeType.ICAL);}
  if(t=='application/javascript'||t=='text/javascript'){r.setMimeType(ContentService.MimeType.JAVASCRIPT);}
  if(t=='application/json'){r.setMimeType(ContentService.MimeType.JSON);}
  if(t=='application/rss+xml'){r.setMimeType(ContentService.MimeType.RSS);}
  if(t=='text/vcard'){r.setMimeType(ContentService.MimeType.VCARD);}
  if(e.parameter.name){r.downloadAsFile(e.parameter.name)}
  return r;
}
Improve this question
1
  • You can't. Use simple requests that doesn't need to be preflighted. Commented Jan 10, 2020 at 23:07

1 Answer 1

Reset to default
1

You cannot modify the CORS headers in a Google Apps Script webapp. This is done by Google to ensure the security of their users.

I see, however, that you are attempting to fetch files such as style.css or script.js. If this is the case - and you are using the "classic" HTML tags for including them (such as <link rel="stylesheet" ... and <script src=... I suggest you do the following instead:

  1. Replace the style.css file for a style.html HTML file, the contents of which should be as follows:

    <style>
...
</style>

    Where the ... should be your CSS code.

  2. Replace the script.js file for a script.html HTML file, the contents of which should be:

    <script>
...
</script>

    Where ... should be your script code.

  3. Include the newly create files above in your main HTML by using scriptlets (see the example below). Find the location of your HTML file in which you want to inject the code, and use the following tags, as appropriate, to do so:

    <?!= include('style'); ?>

    <?!= include('script'); ?>

Example

Code.gs

function doGet(request) {
  return HtmlService.createTemplateFromFile('Page')
      .evaluate();
}

function include(filename) {
  return HtmlService.createHtmlOutputFromFile(filename)
      .getContent();
}

Page.html

<!DOCTYPE html>
<html>
  <head>
    <base target="_top">
    <?!= include('Stylesheet'); ?>
  </head>
  <body>
    <h1>Welcome</h1>
    <p>Please enjoy this helpful script.</p>
    <?!= include('JavaScript'); ?>
  </body>
</html>

Stylesheet.html

<style>
p {
  color: green;
}
</style>

JavaScript.html

<script>
window.addEventListener('load', function() {
  console.log('Page is loaded');
});
</script>

References

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.