0

I am trying to integrate Google Safe browsing API to my website. The documentation:

What I have tried:

$apiKey = 'MyFakeAPiKey-pozpkefpoqskpfazejsqpi';
$url = 'http://www.bbc.com/';
$url = urlencode($url);
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://sb-ssl.google.com/safebrowsing/api/lookup?client=firefox&key='. $apiKey.'&appver=1.5.2&pver=4.0&url='.$url");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);

$headers = array();
$headers[] = "Content-Type: application/json";
$headers[] = "Content-length: auto";
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);
if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}
curl_close($ch);

echo print_r($result, true);

I get no response.What I am doing wrong?

Suhaib Janjua
  • 3,538
  • 16
  • 59
  • 73
Dr. House
  • 483
  • 7
  • 23

3 Answers3

0

I found a solution. Everything works as expected.

  $url = 'http://911.sos-empleados.net';


                  $apiKey = 'Your API';
                  $apiUrl = 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key='.$apiKey;

                  $params = [
                      'client' => [
                          'clientId' => 'foobar',
                          'clientVersion' => '1.2.3'
                      ],
                      'threatInfo' => [
                             "threatTypes" =>["MALWARE", "SOCIAL_ENGINEERING"],
                            "platformTypes" => ["WINDOWS"],
                             'threatEntryTypes' => ['URL'],
                          'threatEntries' => [
                              [ 'url' => $url ]
                          ]
                      ]
                  ];


                  $ch = curl_init($apiUrl);
                  curl_setopt_array($ch, [
                      CURLOPT_POST => 1,
                      CURLOPT_RETURNTRANSFER => 1,
                      CURLOPT_HEADER => 1,
                      CURLOPT_POSTFIELDS => json_encode($params),
                      CURLOPT_HTTPHEADER => [
                          'Content-Type: text/json'
                      ]
                  ]);

                  $res = curl_exec($ch);
                  ?> <pre><?php echo print_r($res, true); ?></pre> <?php
                  ?>
Dr. House
  • 483
  • 7
  • 23
0

You're using an old version of the API. The endpoint in your code corresponds to version 1 of the Safe Browsing API, which was deprecated in December 2011, and which has since been shut down.

You will need to update to a supported version of the API -- preferably v4, as that's current.

  • Deprecated is not equal to not working. I managed to get both v3 and v4 working, but of course stayed with v4. And the answer I have provided is for v4. – Dr. House Feb 23 '17 at 19:09
  • 1
    What has been deprecated -- and subsequently shut down, although I can't find an exact date -- is **version 1** of the Safe Browsing API. (As well as version 2.) Later versions are fine, but the code you initially posted was specific to the old, nonfunctional, version of the API. –  Feb 23 '17 at 20:08
0

An empty response is normal for this API.

API version 4 returns an empty object if the url is not found in the database:

{}

If the url is found in the database, it returns an object like this:

{
    "matches": [{
        "threatType": "MALWARE",
        "platformType": "ALL_PLATFORMS",
        "threat": {
            "url": "http://malware.testing.google.test/testing/malware/"
        },
        "cacheDuration": "300s",
        "threatEntryType": "URL"
    }]
}

You can use this url to check: http://malware.testing.google.test/testing/malware/

Levitskyi
  • 1