0

I'm having a problem using surveyMonkey API. I'm able to use any public method except the Crate_flow and Send_flow. these two raise me an error in the console:

OPTIONS http://api.surveymonkey.net/v2/client/create_flow?api_key=**MYAPI* 596 (596) Index.html:61 XMLHttpRequest cannot load http://api.surveymonkey.net/v2/client/create_flow?api_key=**MYAPI*. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. Index.html:61 Uncaught NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://api.surveymonkey.net/v2/client/create_flow?api_key=**MYAPI*'.

the code that I'm using is this:

    var xhr = new XMLHttpRequest();
    xhr.open("POST", "http://api.surveymonkey.net/v2/batch/send_flow?api_key="+MYAPI, false);
    xhr.setRequestHeader('Access-Control-Allow-Origin' ,'*');
    xhr.setRequestHeader('Authorization','bearer '+TOKEN);
    xhr.setRequestHeader('Content-Type', 'application/json');
    var body = '{"survey_id" :"54681373","collector":{"type":"email", "recipients":[{"email": "martins.nuno.santos@gmail.com", "first_name": "Nuno", "last_name": "Santos"}],"send":true}, "email_message":{"reply_email":"martins.nuno.santos@gmail.com", "subject":"YOLO", "body_text": "Vamos lá experimentar isto ! [SurveyLink], para remover carrega em [RemoveLink]"}}';
    xhr.send(body);
    console.log(xhr.status);
    console.log(xhr.statusText);
    console.log(xhr.responseText);
Cœur
  • 37,241
  • 25
  • 195
  • 267
Nuno Santos
  • 1

1 Answers1

0

SSL Required

The reason you're getting that error message is that you're accessing the API using the wrong protocol (HTTP instead of HTTPS). Since SSL is required, you're getting an error message in the body of the response <h1>Service Requires SSL</h1>. That message, however, does not come to you with the "Access-Control-Allow-Origin" header and is triggering this error message.

If you change http://api.surveymonkey.net to https://api.surveymonkey.net, you should be good to go.

As a side note: the "Access-Control-Allow-Origin: *" header is something the server will send back to you. It's not something you need to send to the server. It's what's missing in the response you're getting. You can safely remove the line adding it to you request from your code.

Tony Mayse
  • 565
  • 2
  • 10
  • still not working, but thanks for the hint ;) the error still be the same – Nuno Santos Aug 16 '14 at 08:48
  • Hey Nuno, I mentioned that you're getting an error message in the body of your response. You just relayed the error the code was generating. You need to dig into the error that's being sent to you by the API. I noticed some errors in our logs that show an incorrect URL as well. That will generate a different error message. – Tony Mayse Aug 18 '14 at 19:28