1

I'm writing a program that queries Google Safe Browsing for certain urls. I am getting the following error: 'Error: 403 Client Error: Forbidden for url: https://safebrowsing.googleapis.com/v4/threatMatches:find?key=[API_KEY]'

import requests, json, uuid

API_KEY = '...'

def check_urls(urls):

    url = 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=' + API_KEY

    payload = {
        "client": {
            "clientId": str(uuid.uuid4()),
            "clientVersion": "1.1"
    },
         "threatInfo": {
             "threatTypes": ["MALWARE", "SOCIAL_ENGINEERING", 
                             "UNWANTED_SOFTWARE"],
             "platformTypes": ["ANY_PLATFORM"],
             "threatEntryTypes": ["URL"],
             "threatEntries": [{"url": url} for url in urls]
         }
    }

    headers = {
        "Content-Type": "application/json" 
    }


    try:
        response = requests.post(url, headers=headers, 
                   data=json.dumps(payload))
        response.raise_for_status()  # Raise an exception for non-2xx status codes
        data = response.json()
        if "matches" in data:
            malicious_urls = [match["threat"]["url"] for match in data["matches"]]
            return malicious_urls
        else:
            return []
    except requests.exceptions.RequestException as e:
        print("Error:", e)
        return []

def main():

    urls = ['example1.com', 'example2.com']

    try:
        malicious_urls = check_urls(urls)
    except:
        print('There was an error with the urls!')

    if malicious_urls:
        print("Malicious URLs found:")
        for url in malicious_urls:
            print(url)
    else:
        print("No malicious URLs found.")

I have double checked that my API Key is correct and that I have the API enabled through the platform. I have searched for previous related answers on stackoverflow but didn't work.

nolan
  • 33
  • 4
  • 1) When making the POST request, add the HTTP header `Content-Type: application/json`. 2) The `clientId` should be unique. – John Hanley Jun 22 '23 at 22:08
  • I made the following changes : 1) "clientId": str(uuid.uuid4()) , 2) headers = { "Content-Type": "application/json" } , 3) response = requests.post(url, headers=headers, data=json.dumps(payload)) but I get same error again. – nolan Jun 22 '23 at 22:19
  • Update your post with the current changes. – John Hanley Jun 22 '23 at 22:22
  • The post is updated. Any further ideas? – nolan Jun 23 '23 at 08:41

1 Answers1

0

Most likely the API is incorrect or not authorized to access the Safe Browsing API so that the request is forbidden.

I would suggest: create a new API in other project and enable it for Safe Browsing.

user4703417
  • 41
  • 3
  • I did it but now I am getting Error: 400 Client Error: Bad Request for url: https://safebrowsing.googleapis.com/v4/threatMatches:find?key=[API_Key] – nolan Jun 25 '23 at 14:21
  • Possible naming conflict **url**, try to set another name _google_url = 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=' + API_KEY_ – user4703417 Jun 26 '23 at 01:48