Hacker News new | past | comments | ask | show | jobs | submit login

This is one of those things that's going to be stuck in my head for a while. It's like the author gave me a hammer and now im going to go hunting for a nail.

It seems you can write to them as well... This seems much more magical than "Here is a link to a CSV, import the data yourself".




You probably already knew that Google Apps Script allows your spreadsheet to run functions that can trigger HTTP requests.

Did you know that your spreadsheet can also receive HTTP requests that trigger functions?


i tried to find some resources on this but came up empty. can you provide a link? sounds like a fun workflow


https://developers.google.com/apps-script/guides/web


You are in for a whole lot of magical bad ideas :) Also Google Sheets are "vulnerable" to CSV injection [1] too for "here is a link to an evil CSV, import the data yourself" scenario.

Honestly if there was a way to Auth (even basic Auth or Bearer) via classic Google Sheets, you could create a monster so easily.

[1] http://georgemauer.net/2017/10/07/csv-injection.html


CSV injection is an OLD trick! It's one I learned 20 years ago from someone who, was at the time, older than I am now.

> Honestly if there was a way to Auth (even basic Auth or Bearer) via classic Google Sheets, you could create a monster so easily.

Excel/sheets is an IDE for accountants. They make monsters over there all the time!




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: