I wanted to ask if it is possible to use Cookies in a Google Web App? I believe I had this working a few weeks back, but now when I try to read/write a Cookie, it is undefined.
I have tried using a jquery library, as well as doing this in javascript, but the console always returns a null or undefined response. As background, I have a Google Sheet, with a Web App attached. That app displays an HTML file.
In my document load event, I run this code:
$.cookie("test","some value");
console.log($.cookie("test"))
and the response is "undefined". If I try using vanilla javascript, like this:
document.cookie = "test=some value";
console.log(document.cookie)
then the output is a blank line.
Are cookies blocked by Google Web Apps? Or am I doing something wrong?
EDIT - I was asked to provide a minimal example. This is a basic example that still does not display cookies.
In a Google Sheet, I go to Tools-->Script Editor. Here, I have two files:
Code.js:
function doGet(e) {
output = HtmlService.createTemplateFromFile('index');
return output.evaluate();
}
index.html
<!DOCTYPE html>
<html>
<head>
<base target="_top">
<script>
document.cookie = "username=John Doe";
var x = document.cookie;
console.log( "Hello World" );
console.log( x );
</script>
</head>
<body>
index
</body>
</html>
When the site loads, only "Hello World" is printed to the console
Well, after some playing around with the code, it seems it has to do with securing the cookie. I am not sure if this is a new requirement (this code worked fine 2 weeks ago), but now, if I create my cookie like this:
document.cookie = "user=John; SameSite=none; secure";
It works fine.
Related
I try to implement a sidebar on my spreadsheet to get user input for my scripts to use. I haven't been able to get it to successfully call any server side functions. I put together a simple script from the google documentation and several stackoverflow questions that I read through, but I keep getting an error. It is able to print to the console, but it errors out trying to call the logText() function with google.script.run.
Script File:
function onOpen() {
SpreadsheetApp.getUi()
.createMenu('Extra Functions')
.addItem('Show sidebar', 'showSidebar')
.addToUi();
}
function showSidebar() {
var html = HtmlService.createHtmlOutputFromFile('Test')
.setTitle('Testing')
.setWidth(300);
SpreadsheetApp.getUi()
.showSidebar(html);
}
function logInput(text) {
Logger.log(text);
}
HTML File (Test.html):
<!DOCTYPE html>
<html>
<head>
<base target="_top">
<script>
function onFailure(error) {
var div = document.getElementById('output');
div.innerHTML = "ERROR: " + error.name + ": " + error.message;
}
function logText(){
var txt = document.getElementById("txt_input").value;
console.log(txt);
google.script.run.withFailureHandler(onFailure).logInput(txt);
}
</script>
</head>
<body>
<label for="txt_input">Input Text:</label>
<input type="text" id="txt_input"><br>
<button onclick='logText()'>Send Name</button><br>
<div id="output"></div>
</body>
</html>
I've tried running it both on the new Apps Script V8 and Apps Script Legacy, and I get a slightly different error on each.
Apps Script Legacy
ERROR: ScriptError: You do not have access to perform that action. Please ask the owner of this item to grant access to you.
Apps Script V8
ERROR: ScriptError: We're sorry, a server error occurred while reading from storage. Error code PERMISSION_DENIED.
I've been doing research on Authorization but as far as I can tell, it has all the permissions it needs as a Container-Bound Script (https://developers.google.com/apps-script/guides/bound). It has the /auth/script.container.ui OAuth Scope which should allow it to "Display and run third-party web content in prompts and sidebars inside Google applications", as well as the /auth/spreadsheets Scope. I am also the owner of the spreadsheet and the script project.
Since it is not functioning as a Web App it does not need to be deployed, and does not need a doGet() function.
https://developers.google.com/apps-script/guides/html#serve_html_as_a_google_docs_sheets_slides_or_forms_user_interface
I've had the same issue, for me the problem was having a user being logged in with multiple google accounts. It might apply to your case as well. The user tried logging-in with just one account and the permission issue was gone.
It's the same problem that might occur when installing a custom addon.
Hope it helps.
Seems like a bug in the new engine. I have a similar problem. A function from the script is invoked from the HTML. The new engine fails. I disabled the V8 engine and it worked so it seems to be something internal to Google.
I experienced exactly the same problem and solved it disableling the new V8 engine.
In addition to the question here:
Open Explorer window from Website
I'm also having trouble with this, especially because I need to integrate a function into the link that eventually will open in file explore.
Bacially, we have a very simple intranet webpage, to control our cases etc.
Each case has some files in in a folder on the server, but to avoid to many subfolders in one folder, we split them in groubs of 200!
\ip\fileserver\cases\"split-folder"\subfolder
I what to open the folder clicking on the case on our webpage.
The split-folder..is defined in ranges with case-numbers for evey 200 cases (sager in danish)
Like this
\25000-25199\25001
\25200-25399\25399
\25400-25599\25422 or 25555 etc . .
The math to calculate the "split-folder" is simple enough with a script but getting this into a link that will open file explore is not that easy.
<!DOCTYPE html>
<html>
<body>
<button onclick="myFunction(25555)">Try it</button>
<p id="sagslink"></p>
<script>
function myFunction(sagnr) {
var a = Math.floor(sagnr/200)*200
var b = Math.floor(a+199);
var x = "file://///192.168.15.133/Filserver2016/sager/" + a + '-' + b + "/"+sagnr;
document.getElementById("sagslink").innerHTML = x;
}
</script>
Simple link that Works in IE..but not in firefox og chrome.
sager-full-path
But I can not generate a useful link merging the to!
I have tried evey possible way described here to no awail:
JavaScript function in href vs. onclick
Perhaps I need to revice the function to give the actual link in sted. I also don't what a button but just a generat CASE-Number...that serves as link!
Further more! We mount \\192.168.1.133\Fileserver2016 as Z:
So for our various programs, that use the Z drive path, I would like to open file-explore with the mount path and not the ablosoute path.
We can use IE if nessarry..but I would like i to work on firefox and chrome also
Can this be done!
Ok. So we got it working...sort of ;O)
Our intranet webpage runs in ASP
So the code runs serverside.
Here is the code that works in IE-11.
<%
strSagsNR = rsSag("sagsNR")
Function folderlink(FSagsNR)
a = int(strsagsNR/200)*200
b = int(a+199)
folderlink = "file:///Z:/sager/" & a & "-" & b & "/" & strSagsNR
End Function[enter image description here][1]
%>
To ensure the solution works properly locally and when connected with VPN.
It's necessary to add the server ip to IE-11 Internet security - local Intranet - Webplaces - Advanced
as BOTH FILE AND HTTP! See image.
Security setting in IE
Then you should avoid the remark about this file is dangerous and may harm you computer, and File explore will pop up on the correct path ;O)
I have not found any solution for Chrome or Firefox.
I have an application that uses javascript to get a string and POST it to a receiver php file on the server for further processing. The receiver's job is to parse the string, pass things along, and report to javascript how stuff is going. Recently I've tried to add password-based security to this whole shebang, but now receiver.php passes back an empty response.
What I'm finding is that if I call password_verify anywhere in the receiver (no matter what I do with it... I could even just call it without using it) the following echos in the script don't run - any responseText from those echos will be empty - and I've no idea why. Though, if I just run the php script raw from command line, everything DOES work.
Before continuing, I would note that I am pretty new to web development and password-based security, so don't skewer me too hard. Good news, though - unlike every OTHER problem I can find on the web, I AM getting correct hashes and correct verify-responses.
Using php 5.6.23
A scaled down version of the JS file "test.html":
<!doctype html>
<html lang="en">
<head>
<script type="text/javascript">
function reviewAndSubmit() {
//bigOlString is usually built as a result of TONS of script on this page, use this as a test
var bigOlString = "password=1234 name=test otherParams=barglebargle"
var postString = new XMLHttpRequest();
//build function to receive post response
postString.onreadystatechange = function() {
if (postString.readyState == 4) {
window.alert("responseText: " + postString.responseText)
}
}
postString.open("POST", "receivertest.php", true);
postString.setRequestHeader("Content-Type", "text/plain;charset=UTF-8");
postString.send(bigOlString);
}
</script>
</head>
<body>
<button class="button" id="pushMe" onClick="reviewAndSubmit()">Why does PHP hate me so bad?</button>
And receivertest.php:
<?php
//hashed version of '1234' and debug name 'test'
$debugPass = '$2y$10$b.08/4NfawKOwrBYJqguc.AWsI3mQiGGaz1eYvfc9Uid1auQKKABm';
$debugName = 'test';
//get incoming string
$inString = file_get_contents('php://input');
//get challenge content
$challengePass = substr($inString, strpos($inString, "password=") + 9, strpos($inString, "name=") - 10); //10 because of the space
$name = substr($inString, strpos($inString, "name=") +5, (strpos($inString, "otherParams=") - strpos($inString, "name=") - 6)); //ugly!
//begin authentication
$auth = False;
echo $name;
echo $challengePass;
password_verify($challengePass, $debugPass); //yes, I'm not doing anything with this. Doesn't matter.
echo "this line won't echo";
?>
If you comment out the 'password_verify' line in receivertest.php, everything echos perfectly. If you don't, no luck - the 'alert' window in test.html just spits out 'responseText test123'. If you run receivertest.php in console (php receivertest.php), however, everything echos correctly.
Why is my responseText empty?
EDIT: I've edited the php script to better illustrate the problem. Yes, I know I'm not USING password_verify for anything. It doesn't matter. The 'this line won't echo' line doesn't echo out in test.html like the other lines do. My question is: why NOT?
The code is all fine. I made a quick edit in my httpd.conf file and restarted apache, and everything started working. I undid that edit to check and restarted - everything still worked. So I guess all I needed was an apache restart.
Apache seems to have more to do with php than I thought, I guess?
I've been spending hours trying to figure out what is wrong with this code, i found out that i cannot reach the updateuser.php file, its on the same directory, the filenames are corret, is there something wrong with this code:
<script>
function updateuseracc(form, password)
{
var p = document.createElement("input");
form.appendChild(p);
p.name="p";
p.type="hidden";
p.value=hex_sha512(password.value);
password.value="";
var useremail=$("#curemail").val();
$.post('updateuser.php',{email:useremail,p:p}).done(function(data){
alert(data);
});
}
</script>
Bring up development tools with F12 on Google Chrome, then go to 'Network' option and check if after calling the script a 500 header page is returned. You can check this at the list of resources called that you will see at development bar.
If so, you will know that you are not referring to the script correctly, also you will get information from the parsed URL so you can guess how can you set the path to updateuser.php.
I have Windows Application (.EXE file is written in C and built with MS-Visual Studio), that outputs ASCII text to stdout. I’m looking to enhance the ASCII text to include limited HTML with a few links. I’d like to invoke this application (.EXE File) and take the output of that application and pipe it into a Browser. This is not a one time thing, each new web page would be another run of the Local Application!
The HTML/java-script application below has worked for me to execute the application, but the output has gone into a DOS Box windows and not to pipe it into the Browser. I’d like to update this HTML Application to enable the Browser to capture that text (that is enhanced with HTML) and display it with the browser.
<body>
<script>
function go() {
w = new ActiveXObject("WScript.Shell");
w.run('C:/DL/Browser/mk_html.exe');
return true;
}
</script>
<form>
Run My Application (Window with explorer only)
<input type="button" value="Go"
onClick="return go()">
</FORM>
</body>
Have the executable listen on a port following the HTTP protocol.
Then have the web page make AJAX-style HTTP requests to the local port with JAvascript.
The executable returns text.
The web page updates itself through DOM manipulation in Javascript.
Yes, this works. It is happening 5 feet away from me right now in another cubicle.
This is called CGI
Your already using WScript to launch, it can also read StdOut.
<html>
<head>
<script type="text/javascript">
function foo() {
var WshShell = new ActiveXObject("WScript.Shell");
var oExec = WshShell.Exec("ipconfig.exe");
var input = "";
while (!oExec.StdOut.AtEndOfStream) {
input += oExec.StdOut.ReadLine() + "<br />";
}
if (input)
document.getElementById("plop").innerHTML = input;
}
</script>
</head>
<body onload="foo();">
<code id="plop"></code>
</body>
</html>
It would be easier to have your EXE create a temp file containing the HTML, then just tell Windows to open the temp HTML file in the browser.