I am creating an API to record Google Form responses.
I have implemented the following code in GAS and am using UrlFetchApp in GAS to run Endpoint when submitting Google Forms.
When executing UrlFetchApp, sometimes it succeeds with 200 and sometimes it fails with 403, and I would like to know why 403 is generated. I am testing with the same Parameter of Google Form and API server side execution.
function onFormSubmit(e) {
const responses = e.response.getItemResponses();
const userId = responses[0].getResponse()
const questionnaireId = responses[1].getResponse()
Logger.log(`userId:${userId}`);
Logger.log(`questionnaireId:${questionnaireId}`);
if (!isUUID(userId) || !isUUID(questionnaireId)) {
Logger.log('Invalid UUID format.');
return;
}
const baseUrl = `https://example.com`;
const endpoint = `${baseUrl}/v1/users/${userId}/questionnaire`;
Logger.log(`endpoint: ${endpoint}`);
var payload = {
"questionnaire_id": questionnaireId,
};
var options = {
"method": "post",
"payload": JSON.stringify(payload),
"headers": {
"Content-Type": "application/json",
"Accept": "application/json"
},
"muteHttpExceptions": true
};
var response = UrlFetchApp.fetch(endpoint, options);
Logger.log(response.getContentText());
}
function isUUID(str) {
const uuidPattern = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
return uuidPattern.test(str);
}
Self Resolved. We use AWS to build our API and when I removed
AWSManagedRulesAnonymousIpListfrom the WAF rules, the 403 error stopped occurring. Perhaps one of the IPs Google is using is being blocked.