I'm trying to get an export of all the email addresses on one of our contact lists using the Bulk Acitivities API as per your documentation.
I'm POSTing the following request parameters;
access_token | [my-token] |
api_key | [my-api-key] |
column_names[] | Email Address |
export_added_by | true |
export_date_added | true |
file_type | CSV |
lists[] | 2 |
sort_by | EMAIL_ADDRESS |
via Javascript to https://api.constantcontact.com/v2/activities/exportcontacts.
Unfortunately I keep getting a 415 Unsupported Media Type response.
Any suggestions?
Solved! Go to Solution.
We definitely recommend using a server side language for security reasons. Cross site JavaScript does not work in browsers by default, it is disabled for security purposes. You would have to override the default security of the browser you're using to allow that to work. If you are planning to have this integration used by people other than yourself, you'll have lots of problems with cross site scripting failures. Also, since the access_token is in the javascript you're using to make the request, you have a security hole where anyone who views the source of the page making the request can get your access token and full access to your data.
However, if you're going to use JavaScript to make the request, you have to change the content-type header of the XMLHttpRequest that you're making to ensure it's the right type of request. To do this, you need to use the setRequestHeader() method of the XmlHttpRequest object. Definition of this method is found here: http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader()-method
Never mind - having far more success doing this server side with the PHP library.
We definitely recommend using a server side language for security reasons. Cross site JavaScript does not work in browsers by default, it is disabled for security purposes. You would have to override the default security of the browser you're using to allow that to work. If you are planning to have this integration used by people other than yourself, you'll have lots of problems with cross site scripting failures. Also, since the access_token is in the javascript you're using to make the request, you have a security hole where anyone who views the source of the page making the request can get your access token and full access to your data.
However, if you're going to use JavaScript to make the request, you have to change the content-type header of the XMLHttpRequest that you're making to ensure it's the right type of request. To do this, you need to use the setRequestHeader() method of the XmlHttpRequest object. Definition of this method is found here: http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader()-method
Hi Dave,
This was for a one off task so I'd gone client side purely for the sake of expediency. Taking that route ended up being more trouble than it's worth for exactly the reasons you've outlined in your reply. Lesson learned!
I've been getting on fine with the PHP wrapper this afternoon so back on track. Thanks for your help.
Cheers,
Neil
The holidays have come and gone. For many seasonal businesses, this means the rush of shoppers has decreased as well. Instead of turning off the lights and waiting for spring, make your email marketi...
See Article