按照此处的说明,以下代码在示例站点上似乎返回了良好的结果,但在实际的网络钓鱼站点 ( https://www.clicktrackingsall.com/a.php) 上,它返回空:
const axios = require('axios');
const apikey = '<apikey>';
const req = (uri) => `https://webrisk.googleapis.com/v1/uris:search?key=${apikey}&threatTypes=MALWARE&threatTypes=SOCIAL_ENGINEERING&threatTypes=UNWANTED_SOFTWARE&uri=${encodeURIComponent(uri)}`
const checkUrl = async (url) => {
return axios.get(req(url));
}
// returns threatTypes: [ 'SOCIAL_ENGINEERING' ]
checkUrl('http://testsafebrowsing.appspot.com/s/phishing.html').then(({data}) => console.log(data));
// returns threatTypes: [ 'MALWARE' ]
checkUrl('http://testsafebrowsing.appspot.com/s/malware.html').then(({data}) => console.log(data));
// returns empty result
checkUrl('https://www.clicktrackingsall.com/a.php').then(({data}) => console.log(data));
当使用 chrome 导航到页面时,它会阻止它。使用google 透明度报告也会返回网络钓鱼。
使用安全浏览api时也会发生
const axios = require('axios');
const url = 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=<yourapikey>';
const jsonReq = {
"client": {
"clientId": "<client-id>",
"clientVersion": "<client-version>"
},
"threatInfo": {
"threatTypes": [ "MALWARE", "SOCIAL_ENGINEERING", "UNWANTED_SOFTWARE", "POTENTIALLY_HARMFUL_APPLICATION"],
"platformTypes": ["ANY_PLATFORM"],
"threatEntryTypes": ["URL","EXECUTABLE"],
"threatEntries": [
{"url":"http://testsafebrowsing.appspot.com/s/phishing.html"},
{"url":"http://testsafebrowsing.appspot.com/s/malware.html"},
{"url":"https://www.clicktrackingsall.com/a.php"},
{"url":"http://getnetflix.club/"}
]
}
};
axios.post(url, jsonReq).then(result => {
console.log(JSON.stringify(result.data, null, 2));
})
/* prints:
{
"matches": [
{
"threatType": "SOCIAL_ENGINEERING",
"platformType": "ANY_PLATFORM",
"threat": {
"url": "http://testsafebrowsing.appspot.com/s/phishing.html"
},
"cacheDuration": "300s",
"threatEntryType": "URL"
},
{
"threatType": "MALWARE",
"platformType": "ANY_PLATFORM",
"threat": {
"url": "http://testsafebrowsing.appspot.com/s/malware.html"
},
"cacheDuration": "300s",
"threatEntryType": "URL"
}
]
}*/
难道我做错了什么?