I’ve got several Google Apps Scripts, running as web apps, which up until early April were working perfectly.
Now they all fail with a HTTP 302.
Running the exact same API call in postman works perfectly.
Has Glide changed the way API calls handle redirects???
I have changed the new Error handling option in the API call to “Ignore but return all errors” - and now of course get an HTML response with a title “Moved Temporarily” and a link to the new location.
All my Google Apps Scripts are set to run as “Anyone”. I have seen on forums the option to run as “Anyone, even anonymous” - but I don’t have that option.
“I heard back from Engineering. Your script is failing because we plugged a security issue that surfaced. As a result of that fix, we no longer allow redirects.”
I am not an expert, so I don’t know how much of a security risk this is - but it leaves me rather stuck. I’ve spent ages developing Google Apps Scripts - got them working perfectly - and now I can’t use them at all.
Just thought I’d follow up on this (redirects failing from Glide API requests)
Had a very helpful reply from support explaining that redirects are disabled as they can be a security risk.
So I did some digging and now see that Google Apps Scripts are really intended for small basic scripts as extensions to Google sheets / docs.
So I wasn’t really using the right tool for the job. I guess a clue was in the name!
So I’ve spent some time learning / re coding my scripts as Google Functions which I get access to through my Google Cloud account (as I did apps scripts)
But glad I did move to cloud functions as they are so much more powerful and robust. Took a while to make the move, but I’ve learned loads and so have benefited from it.
So just as an FYI, I did quite a bit of digging into this, here’s what I found out:
The way Google AppScript works when it comes to API calls is that when you send the call from Glide, Google will accept the response, but will respond to Glide saying go fetch the API response from somewhere else (the 302 error).
Glide now cannot do that - it will not allow itself to be redirected, but If you don’t actually need the response, you don’t really have a problem (maybe just the inconvenience of Glide 302 error emails).
My use case:
I built a CRM on Glide and I wanted to connect it to our office PBX system. When a CRM user clicks a button in Glide, I fire a request containing the User’s internal extension, and the customer’s phone number to be called.
Since my PBX requires token authentication and renewal, I use a Google Apps sheet as a “processing server”. It receives the request from Glide, runs the authentication with the PBX, the fires a request to the PBX to execute the dial command to both the user’s internal extension and the client’s number.
The result, once the user clicks that button, their office phone rings, and when they pick up, the customer is on the other line. As an added bonus, the call firing from Glide is logged so we have a record of when the call was initiated.
I get 50-100 emails daily from Glide saying 302 error, but everything still works perfectly because I never needed Glide to process Google’s response anyway..