Logs in Web Apps for Google Apps Script

26 Jul 2020, 08:26

GasTips

Google Apps Script / WebApps / Log

This is a report for retrieving the logs in Web Apps for Google Apps Script, when it requests to the Web Apps.

Experimental condition

1. Sample script for Web Apps

const doGet = (e) => {
  Logger.log(`GET method: ${JSON.stringify(e)}`);
  console.log(`GET method: ${JSON.stringify(e)}`);
  return ContentService.createTextOutput(
    JSON.stringify({ method: "GET", e: e })
  );
};
const doPost = (e) => {
  Logger.log(`POST method: ${JSON.stringify(e)}`);
  console.log(`POST method: ${JSON.stringify(e)}`);
  return ContentService.createTextOutput(
    JSON.stringify({ method: "POST", e: e })
  );
};

This Web Apps is deployed as Execute the app as: Me and Who has access to the app: Anyone, even anonymous.

2. Sample Google Apps Script project

Google Apps Script of standalone type WITHOUT linking Google Cloud Platform (GCP) Project
- In this case, you can retrieve this standalone Google Apps Script by directly creating.
Google Apps Script of standalone type WITH linking Google Cloud Platform (GCP) Project
- In this case, you can retrieve this standalone Google Apps Script by this flow.

3. Experimental procedure

To above Web Apps of doGet and doPost, it requests with the following 4 patterns.

For doGet.

$ curl -L "https://script.google.com/macros/s/###/exec"

For doPost.

$ curl -L -d "key=value" "https://script.google.com/macros/s/###/exec"

For doGet. Access token is used.

$ curl -L -H "Authorization: Bearer ###" "https://script.google.com/macros/s/###/exec"

For doPost. Access token is used.

$ curl -L -H "Authorization: Bearer ###" -d "key=value" "https://script.google.com/macros/s/###/exec"

Result and discussions

The conditions which can confirm the logs are as follows.

	Without access token	With access token
Without linking GCP		Apps Script Dashboard
With linking GCP	Stackdriver	Apps Script Dashboard and Stackdriver

From above results, it was found as follows.

If you use the default Google Apps Script project without linking GCP, in order to retrieve the logs which requested to the Web Apps, please access to the Web Apps using the access token, even when the Web Apps is deployed as Execute the app as: Me and Who has access to the app: Anyone, even anonymous.
If you use the Google Apps Script project with linking GCP, you can retrieve all logs of users who accessed to the Web Apps at Stackdriver, even when the Web Apps is deployed as Execute the app as: Me and Who has access to the app: Anyone, even anonymous.
In this case, the logs couldn’t be seen with Logger.log for above all situations.

IMPORTANT

In the current stage, when the access token is used for XMLHttpRequest and fetch of Javascript in the request headers, the error related to CORS occurs. So, in this report, I would like to propose the workaround for resolving this issue.

References

Web Apps
Taking advantage of Web Apps with Google Apps Script
- This report was also added to this report.