Apps Script Gadget on Google Site started throwing CORS errors

Question

I have a Google Site with multiple pages all containing a Google Apps Script Gadget. Users have reported that a couple of months ago, the Apps Script Gadgets stopped working. I have tested them, and found that the Apps Script gadget loads correctly and displays content from UI service, however, when any button is clicked that runs a function, the Apps Script Gadget hangs and a console error in the browser shows:

Uncaught SecurityError: Failed to read the 'frame' property from 'Window': Blocked a frame                      
with origin "https://sites.google.com" from accessing a frame with origin
"https://xxxxxxxxxxxxxxxx-a-sites-opensocial.googleusercontent.com".
Protocols, domains, and ports must match.

Have Google changed some kind of security policy that prevents Cross Origin requests from being made to Apps Script Scripts? Is there any kind of workaround for this?

Thanks

Stu

Answer 1

The only solution I could find to this issue was to replace the gadget with a link that opens the Apps Script URL in a new page.