3

I am writing a script and wanted to read the content from the URL request.

header['Content-Type']='text/xml';
var apiURL='https://system.na2.netsuite.com/app/setup/upload/csv/csvstatus.nl?XML=T';
var response=https.get({
  url:apiURL,
  headers:header,
});
var newSFID=response.body;
log.debug("XML",a);

But its not reading the content instead of this is going to login page and loggin the initial login page. any idea how to read ?

Arindam
  • 675
  • 8
  • 15

2 Answers2

1

This is completely do-able. The issue is that you are not providing any authorization. You will have to provide an authorization header, if you don't want to get the login page. I've updated your code below (and tested without issue other than I don't believe that page will show as XML?). Simply add your correct authentication information. 

require(['N/record','N/https'],function(record,https){
  function test(){
    var header=[];
    header['Content-Type']='text/xml';
    header['Authorization']='NLAuth nlauth_account=NETSUITEACCOUNT,nlauth_email=LOGINEMAIL,nlauth_signature="LOGINPASSWORD",nlauth_role=3'
var apiURL='https://system.na2.netsuite.com/app/setup/upload/csv/csvstatus.nl?xml=T';
    var response=https.get({
        url:apiURL,
        headers:header
    });
    log.debug('response.body',JSON.stringify(response.body));
  }
  test();
});
w3bguy
  • 2,215
  • 1
  • 19
  • 34
  • Did this offer you the answer you needed? – w3bguy Oct 26 '17 at 11:57
  • It may work, but what I am trying to say is that the way it needs to be done is not supported by NS. If NS found there is an exploit they might remove it and your solution will not work. Also, you might be violating the Terms & Agreement of NS, somewhere in there saying that you can only use features based on their offerings. – vVinceth Oct 26 '17 at 22:32
  • That xml=t is actually for internal NS use only & should not be available in the public. But they can't prevent ex NS employee to use and spread the word. If you are offering your solution to a customer as in house dev it should be fine because you can fix it (if possible) but if your not then it is not good for the customer if this stops working because NS removed the exploit. It is a matter of 'use it at your own risk', as we always say to customers developing things not supported by NS(when I was still in support). – vVinceth Oct 26 '17 at 22:45
  • xml=T is not for internal NetSuite employee use only...? There was even a talk at SuiteWorld this year where they mentioned using it to make grabbing record data easier, from a page (similar to what Arindam is doing). And, this is definitely not an exploit. An exploit is something completely different, even from what you are incorrectly stating xml=T is. ;) – w3bguy Oct 27 '17 at 12:05
  • 1
    When I was in Support we are not allowed to share the xml=T and that is around 2010-2013. It's a good thing they made the xml=t available. – vVinceth Oct 30 '17 at 06:01
-2

What you are doing is not supported in NetSuite. The apiURL isn't a NetSuite endpoint that you can simply call from outside of NetSuite and get the response.

vVinceth
  • 905
  • 5
  • 7
  • I am trying to call the apiURL from internal ScriptLet. Do you think that it can be achievable in any other mean... – Arindam Oct 26 '17 at 13:06