Form redirecting in new google sites

I created a form using the app script. In the html file I have the below;

<form name="Subscribe-to-Central" id="Subscribe-to-Central" action="https://script.google.com/macros/s/key/exec" method="POST" onsubmit="myFunction()">  

Inputs ..

</form>

<script>
function myFunction() {
  alert("Successfully subscribed. Please press okay to return to the home page");
  window.open("URL", "_top");
}
</script>

The form is working good at which sending the date to the attached sheet and also redirecting to the "URL" after submit but the problem is when I tried to embed the form in the new google sites, it still sends the data to the sheet but no more redirect and it gives the following error "script.googleusercontent.com refused to connect."

PS: Please note that I face this problem only with new google sites. I tried embedding the same script in classic google sites and it worked just fine

Answer:

Unfortunately, due to changes in how New Sites work compared to Classic sites, it is no longer possible to complete a redirect in a New Site.

More Information:

As you can see in the console, you get the following error when attempting to navigate the top-level window from JavaScript:

Unsafe JavaScript attempt to initiate navigation for frame with origin https://sites.google.com from frame with URL https://<id>.script.googleusercontent.com/userCodeAppPanel. The frame attempting navigation of the top-level window is sandboxed, but the flag of allow-top-navigation or allow-top-navigation-by-user-activation is not set.

and:

Refused to display <URL> in a frame because it set X-Frame-Options to sameorigin.

It is possible to set the X-Frame-Options for the embedded Google Apps Script page using the .setXFrameOptionsMode() method of HtmlService and using the XFrameOptionsMode Enumerator as shown here:

function doGet(e) {
  return HtmlService.createHtmlOutputFromFile('index')
                    .setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);
}

Unfortunately, the Sandbox needs the allow-top-navegation or allow-top-navegation-by-user flag to be able to redirect from a Sandbox. As per hte documentation, the only Sandbox modes available from HtmlService are the following Enmerators:

• IFRAME: A sandbox mode that uses iframe sandboxing instead of the Caja sandbox technology used by the EMULATED and NATIVE modes. This mode is the default for new scripts as of November 12, 2015 and for all scripts as of July 6, 2016.

• NATIVE: A sandbox mode that is built on top of ECMAScript 5 strict mode. A sandbox mode built on top of ECMAScript 5 strict mode. This mode was sunset as of July 6, 2016. All scripts now use IFRAME mode.

• EMULATED: A legacy sandbox mode that emulates ECMAScript 5 strict mode using only the features available in ECMAScript 3. This mode was the default prior to February 2014. Actually deprecated, All scripts attempting use EMULATED will now use IFRAME instead.

The setting of flags for the Sandboxed embed isn't possible to do from within the New Sites interface either, so adding the required navigation allow flag can't be done from Sites end either.

What you can do:

There isn't anything here that can be done as long as you are working with New Sites. As you have already pointed out, however, Classic Sites do allow this if this is a suitable workaround.

References:

• Same-origin policy - MDN web docs
• The Document Object Model (DOM) - MDN web docs
• Google Apps Script - Class HtmlOutput
• Method HtmlOutput.setXFrameOptionsMode(mode)
• Enum XFrameOptionsMode
• Method HtmlOutput.setSandboxMode(mode)
• Enum SandboxMode