Jump to content

Embed site in Google Apps Script, and embed script on site

Recommended Posts

I'd like to embed a page from the website (namely chatbox) into a google apps script, and then embed the google script onto my site.

There are a couple problems I'm running into.

1st in the sites admin cp, when I allow embedding on a specific offsite domain (*.script.google.com) it won't allow me to embed chatbox.
However if I select the 3rd radio option "allow embedding in all offsite domains", which is not recommended, it allows it.
So that's problem 1.

2nd I'm having trouble getting my site to allow the google script to be embedded on it anywhere at all.

I was hoping that embedding the google script in an iframe (the script itself having my site in an iframe within it) would allow that chatbox iframe in the google script to recognize the top hosting domain as my site, and thereby allow it to embed in the google script. But I can't even get the google script to embed to see if that would work, though somehow I doubt it will.

Any direction on this would be greatly appreciated :)

Desired iframe layout of end product:

|                     MY SITE                     |
|     _______________________      |
|    |        GOOGLE SCRIPT       |      | 
|    |      ________________      |      |
|    |     |      CHATBOX        |      |      |
|    |     |                               |      |      |
|    |     |________________|     |      |
|    |______________________|      |

Edited by Aramaech
Link to comment
Share on other sites

Chatbox is being served from my site, google is being served from google. 
What do you mean by allow it? Like this?
admin cp -> advanced configuration -> Allow community to be embedded in an iframe -> content security policy: default-src *; frame-ancestors 'self' *.google.com

That's one setting I tried. For the content security policy I also tried

 default-src *; frame-ancestors 'self' *.script.google.com

Link to comment
Share on other sites

You'll need to sort out with Cloudflare how to set the correct security policy.

Edit: https://support.cloudflare.com/hc/en-us/articles/216537517-Using-Content-Security-Policy-CSP-with-Cloudflare#:~:text=Cloudflare doesn't require changes,locations specified in your CSP.

You'll need to make sure the CSP headers are correct for your site. Looks like Cloudflare simply observes whatever your webserver sends.

Edited by Paul E.
Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...