0

I have an Apps Script web app which serves GET requests (via doGet). I want to ensure that it is called from only my website, e.g. I want a way to authenticate the request. However, the document object is not accessible in Apps Script, so I cannot check document.referrer. How do I access the origin of the request?

If this isn't possible, is there any way to authorize requests to be served from just my website and reject other requests? I am using ajax to make the request.

tehhowch
  • 9,645
  • 4
  • 24
  • 42
Sharad Acharya
  • 41
  • 6
  • Possible duplicate of [How to get the origin URL from a "doPost" request on google apps script](https://stackoverflow.com/questions/35637487/how-to-get-the-origin-url-from-a-dopost-request-on-google-apps-script) – Kos Apr 07 '19 at 12:43
  • `window.location.ancestorOrigins` but only on chrome. – TheMaster Apr 07 '19 at 16:54

2 Answers2

0

Only alternative could be send some parameters along with the request and process them in your AppScript. Request Parameters Doc

Srikanth
  • 836
  • 10
  • 20
0

i think as alternative you can use parameters as key pair with your do get on apps script.

so the parameters your sent. must same as you expect on your apps scrip.t

DemanjaVidic
  • 1
  • 3
  • As it’s currently written, your answer is unclear. Please [edit] to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Dec 07 '22 at 11:23