What about security? Anybody can do a phishing attack on the spreadsheet #49

Open
umeshnevase opened this issue Apr 30, 2021 · 3 comments

Comments

@umeshnevase

What about security? Anybody can do a phishing attack on the spreadsheet. I can send tons of requests by the fetch method to overflow the spreadsheet. Is there any solution for these security threats?

@hola-there

I think the way to allay these concerns is to place a serverless listener in front of the required setup for the Google Sheet.

One such option could be AWS Lambda. Basically, add a CAPTCHA to reduce fake or bot-generated form entries, then send the request to the AWS Lambda endpoint, which then forwards the request to Google Sheets. This means the sheet being populated, the relevant API keys, and other identifiable information stay hidden, which would remove all phishing, fake data insertion, data manipulation, and related concerns.

The AWS Lambda free usage tier includes 1M free requests per month and 400,000 GB-seconds of compute time per month.

Source: https://aws.amazon.com/lambda/pricing/

Maybe after bringing up this path there may be a way to create keys that only enable use of the specific spreadsheet and only allow write permissions?

  • Add a CAPTCHA to the form
  • Use client-side input sanitation via JavaScript
  • Use some free-tier or paid serverless service
  • Forward the request from the serverless service to the Google script
  • Enjoy your Google Sheet backend (somewhat) securely
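The flow in the list above (CAPTCHA check, then a serverless function that validates the submission and forwards it to the Google script), written out as an added example; this is not code from this issue or from the project. It is shaped like an AWS Lambda proxy handler, but the names `verifyCaptcha`, `forwardToSheet` and `allow` are hypothetical dependencies that are injected, so the file runs offline with stubs. In a real deployment `verifyCaptcha` would call the CAPTCHA provider and `forwardToSheet` would POST to the Apps Script URL held in an environment variable, which is what keeps that URL and any keys out of the browser.

```javascript
// Added example (not the project's code): a serverless proxy between a public HTML form
// and a Google Apps Script web app. Dependencies are injected so this runs without network.

const ALLOWED_FIELDS = { name: 200, email: 254, message: 2000 }; // field -> max length
const EMAIL_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Server-side validation. Client-side sanitation is a convenience only: anyone can
// call the endpoint directly with fetch and skip the form, so the proxy re-checks.
function validateSubmission(body) {
  const errors = [];
  const clean = {};
  for (const [field, maxLen] of Object.entries(ALLOWED_FIELDS)) {
    const raw = body[field];
    if (typeof raw !== 'string' || raw.trim() === '') {
      errors.push(`${field} is required`);
      continue;
    }
    const value = raw.trim();
    if (value.length > maxLen) {
      errors.push(`${field} exceeds ${maxLen} characters`);
      continue;
    }
    clean[field] = value; // fields not in ALLOWED_FIELDS are dropped, never forwarded
  }
  if (clean.email !== undefined && !EMAIL_RE.test(clean.email)) errors.push('email is not valid');
  return { ok: errors.length === 0, errors, clean };
}

// Fixed-window rate limiter keyed by client IP. In-memory, so it is per container and
// best-effort, but it blunts the "tons of fetch requests" case from the question.
function makeRateLimiter(limit, windowMs, now = Date.now) {
  const buckets = new Map();
  return function allow(key) {
    const t = now();
    const bucket = buckets.get(key);
    if (!bucket || t - bucket.start >= windowMs) {
      buckets.set(key, { start: t, count: 1 });
      return true;
    }
    bucket.count += 1;
    return bucket.count <= limit;
  };
}

// The handler. `event` follows the API Gateway proxy shape (headers object, body as a string).
// `deps` = { verifyCaptcha(token, ip) -> Promise<bool>, forwardToSheet(row) -> Promise, allow(ip) -> bool }
async function handleSubmission(event, deps) {
  const { verifyCaptcha, forwardToSheet, allow } = deps;
  const headers = event.headers || {};
  const ip = headers['x-forwarded-for'] || 'unknown';
  const reply = (statusCode, payload) => ({ statusCode, body: JSON.stringify(payload) });

  if (!allow(ip)) return reply(429, { error: 'too many requests' });

  let body;
  try {
    body = JSON.parse(event.body || '{}');
  } catch (e) {
    return reply(400, { error: 'invalid JSON' });
  }

  // CAPTCHA is checked before validation so automated callers are stopped first.
  if (typeof body.captchaToken !== 'string' || !(await verifyCaptcha(body.captchaToken, ip))) {
    return reply(403, { error: 'captcha failed' });
  }

  const result = validateSubmission(body);
  if (!result.ok) return reply(400, { errors: result.errors });

  await forwardToSheet(result.clean); // only allow-listed, validated fields reach the sheet
  return reply(200, { ok: true });
}

// Constructed stub dependencies so the file runs stand-alone (hypothetical, no real calls).
function demoDeps() {
  const forwarded = [];
  return {
    forwarded,
    verifyCaptcha: async (token) => token === 'valid-token', // stands in for the provider call
    forwardToSheet: async (row) => { forwarded.push(row); }, // stands in for the POST to Apps Script
    allow: makeRateLimiter(5, 60000),
  };
}

// Constructed sample events: one legitimate submission (with a stray "admin" field that must
// be dropped) and one with a bad CAPTCHA token.
async function runDemo() {
  const deps = demoDeps();
  const good = {
    headers: { 'x-forwarded-for': '203.0.113.10' },
    body: JSON.stringify({ captchaToken: 'valid-token', name: 'Ada', email: 'ada@example.com', message: 'hello', admin: true }),
  };
  const bad = { ...good, body: JSON.stringify({ captchaToken: 'bogus', name: 'Eve', email: 'x', message: 'spam' }) };
  const results = [await handleSubmission(good, deps), await handleSubmission(bad, deps)];
  return { results, forwarded: deps.forwarded };
}

runDemo().then((out) => console.log(JSON.stringify(out, null, 2)));
```

The design point is that the browser only ever learns the proxy's address; the Apps Script URL, any keys, and the field allow-list live in the function, so a caller who bypasses the page still cannot write arbitrary columns or skip the CAPTCHA, and the per-IP limiter caps how fast even a valid client can fill the sheet.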

@rocksvicks

@umeshnevase I finished, it's really safe.. but your Apps Script is a public API.
I can use it for a Google Sheet backend.

@NafeesAhamed06

Hello, is it really safe?
