Solved: Export CSV via Bulk Activities API

SandyB3 · ‎11-14-2013

I'm trying to get an export of all the email addresses on one of our contact lists using the Bulk Acitivities API as per your documentation.

http://developer.constantcontact.com/docs/bulk_activities_api/bulk-activities-export-contacts-API.ht...

I'm POSTing the following request parameters;

access_token	[my-token]
api_key	[my-api-key]
column_names[]	Email Address
export_added_by	true
export_date_added	true
file_type	CSV
lists[]	2
sort_by	EMAIL_ADDRESS

via Javascript to https://api.constantcontact.com/v2/activities/exportcontacts.

Unfortunately I keep getting a 415 Unsupported Media Type response.

Any suggestions?

DaveBerard · ‎11-14-2013

We definitely recommend using a server side language for security reasons. Cross site JavaScript does not work in browsers by default, it is disabled for security purposes. You would have to override the default security of the browser you're using to allow that to work. If you are planning to have this integration used by people other than yourself, you'll have lots of problems with cross site scripting failures. Also, since the access_token is in the javascript you're using to make the request, you have a security hole where anyone who views the source of the page making the request can get your access token and full access to your data.

However, if you're going to use JavaScript to make the request, you have to change the content-type header of the XMLHttpRequest that you're making to ensure it's the right type of request. To do this, you need to use the setRequestHeader() method of the XmlHttpRequest object. Definition of this method is found here: http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader()-method

Dave Berard
Senior Product Manager, Constant Contact

View solution in original post

SandyB3 · ‎11-14-2013

Never mind - having far more success doing this server side with the PHP library.

DaveBerard · ‎11-14-2013

We definitely recommend using a server side language for security reasons. Cross site JavaScript does not work in browsers by default, it is disabled for security purposes. You would have to override the default security of the browser you're using to allow that to work. If you are planning to have this integration used by people other than yourself, you'll have lots of problems with cross site scripting failures. Also, since the access_token is in the javascript you're using to make the request, you have a security hole where anyone who views the source of the page making the request can get your access token and full access to your data.

However, if you're going to use JavaScript to make the request, you have to change the content-type header of the XMLHttpRequest that you're making to ensure it's the right type of request. To do this, you need to use the setRequestHeader() method of the XmlHttpRequest object. Definition of this method is found here: http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader()-method

Dave Berard
Senior Product Manager, Constant Contact

SandyB3 · ‎11-14-2013

Hi Dave,

This was for a one off task so I'd gone client side purely for the sake of expediency. Taking that route ended up being more trouble than it's worth for exactly the reasons you've outlined in your reply. Lesson learned!

I've been getting on fine with the PHP wrapper this afternoon so back on track. Thanks for your help.

Cheers,

Neil

Export CSV via Bulk Activities API

Export CSV via Bulk Activities API

Developer Portal

Three Reasons Why You Should Use Email Marketing Year Round