Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<script language='javascript' runat='server'>
Platform.Load('Core', '1');
// Arrays of allowed values for both Sender Address and Sender Origin
// Sender Address is the from address when you send an email, make sure your expected from address is included in the list
// Sender Origin represents the domain originating the request
// The Marketing Cloud origin is in place to allow testing in Subscriber Preview, update that value to match your stack
var isAllowed = {
senderAddress:[
'amp@gmail.dev'
],
senderOrigin:[
'https://playground.amp.dev',
'https://amp.gmail.dev',
'https://mail.google.com',
'https://user-content.s10.sfmc-content.com' // update to SFMC stack
]
}
// Getting headers from the request made to the Code Resource
var emailSender = Platform.Request.GetRequestHeader("AMP-Email-Sender")
var emailOrigin = Platform.Request.GetRequestHeader("Origin")
var sourceOrigin = Platform.Request.GetQueryStringParameter("__amp_source_origin");
//Helper function to check arrays
Array.includes = function(req, arr) {
for(i = 0; i < arr.length; i++) {
if (!ret || ret == false) {
ret = req.toUpperCase() == arr[i].toUpperCase() ? true: false;
}
}
return ret;
}
// Check the email sender and origin from the request against the allowed values in `isAllowed`
// If anything fails, an error is raised and the request returns no data
if(emailSender) {
if(Array.includes(emailSender, isAllowed.senderAddress)) {
HTTPHeader.SetValue("AMP-Email-Allow-Sender", emailSender)
} else {
Platform.Function.RaiseError("Sender Not Allowed",true,"statusCode","3");
}
} else if(emailOrigin) {
if(Array.includes(emailOrigin, isAllowed.senderOrigin)) {
if (sourceOrigin) {
HTTPHeader.SetValue("Access-Control-Allow-Origin", emailOrigin);
HTTPHeader.SetValue("Access-Control-Expose-Headers", "AMP-Access-Control-Allow-Source-Origin");
HTTPHeader.SetValue("AMP-Access-Control-Allow-Source-Origin", sourceOrigin);
// added for testing in certain environments
HTTPHeader.SetValue("Access-Control-Allow-Credentials", "true");
}
} else {
Platform.Function.RaiseError("Origin Not Allowed",true,"statusCode","3");
}
} else {
// If neither header is present raise an error and return no data
Platform.Function.RaiseError("Origin and Sender Not Present",true,"statusCode","3");
}
var api = new Script.Util.WSProxy();
try {
var request = api.retrieve(
"DataExtensionObject[AmpCoupon]",
["CouponId"],
{
Property: "Claimed",
SimpleOperator: "equals",
Value: "False"
}
);
if(request.Status == "OK") {
var couponPresent = true;
if(request.Results.length > 0){
couponPresent = true;
}else{
couponPresent = false;
}
var result = {
items: [
{
coupon: request.Results.length,
couponBoolean:couponPresent
}
]
}
Write(Stringify(result));
} else {
throw "There was a problem retrieving from the Data Extension.";
}
} catch(err) {
Write(Stringify({
status: "Error",
message: err
}));
}
</script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment