Hey everyone, I’m worried about the upcoming Google security update on September 13th. I’ve got a few questions:
We’ve published an add-on in the Google Marketplace. Will it still work after the update?
Our add-on uses a static URL to grab a logo from Google Drive. Is this going to break?
How can I check if a URL has the right Drive API permissions?
I’m not super tech-savvy, so I’d really appreciate any help or insights. Thanks in advance!
hey there, don’t stress too much! your marketplace add-on should be fine. the main issue is with those static drive URLs - they might break for new users after sept 13. my advice? switch to using the drive API instead of static URLs. it’s a bit more work but way more reliable. for checking permissions, use the ‘permissions.list’ method in the API. good luck!
As someone who’s been through a few Google updates, I can share some insights on this one. Your add-on in the Marketplace should be fine – Google’s not targeting those directly. The real issue is with those static Drive URLs. If you’re pulling a logo from Drive, that might indeed break for new users after the update.
Here’s what I’d suggest: update your add-on to use the Drive API instead of static URLs. It’s a bit more work upfront, but it’ll save you headaches down the line. Plus, it gives you more control over permissions.
For checking permissions, the Drive API has a ‘permissions.list’ method. It’s pretty straightforward to use and will tell you exactly who can access what. Just remember, this update is about improving security, so while it might be a pain now, it’s ultimately a good thing for all of us using Google’s services.
In my experience, while the upcoming security update is designed to enhance overall protection, you might encounter issues if you rely on a static URL for assets like logos. Published add-ons in the Workspace Marketplace are generally not targeted, so your add-on itself should remain functional. However, for static Drive URLs, new users may face access problems if the URL lacks the updated resource key. I recommend transitioning to call the Drive API for both retrieving files and checking permissions via permissions.list. This proactive adjustment can help maintain uninterrupted service once the update goes live.