'Google Safe Browsing api result is not the same as online result
I use Google Safe Browsing api doc to let My android application can check URL whether is safe or not.
https://developer.android.com/training/safetynet/safebrowsing?hl=zh-cn
But when I send valid phish URL, there is no wrong with message.
I use this URL to check the website online:
https://transparencyreport.google.com/safe-browsing/search?url=
My test URL(valid Phish website):
The online result(It will display unsafe website):
https://transparencyreport.google.com/safe-browsing/search?url=http:%2F%2Fonline-podpora.cc%2F
But my application message display:
Want to check URL is:
http://online-podpora.cc/
null
SafetyNet response sucessfully!
There is no threat in this website.
My build.gradle:
implementation 'com.google.android.gms:play-services-safetynet:18.0.1'
The code:
I have Initialized the API in onResume():
@CallSuper
@Override
protected void onResume() {
super.onResume();
_vaultManager.setBlockAutoLock(false);
Thread thread = new Thread(){
public void run(){
try {
Tasks.await(SafetyNet.getClient(getApplicationContext()).initSafeBrowsing());
} catch (ExecutionException e) {
System.out.println(e.getMessage());
e.printStackTrace();
} catch (InterruptedException e) {
System.out.println(e.getMessage());
e.printStackTrace();
}
}
};
thread.start();
}
//Use SafetyNet
System.out.println("Want to check URL is:");
System.out.println(URL_text);
SafetyNet.getClient(this).lookupUri(URL_text, myAPIKEY,
SafeBrowsingThreat.TYPE_POTENTIALLY_HARMFUL_APPLICATION,
SafeBrowsingThreat.TYPE_SOCIAL_ENGINEERING)
.addOnSuccessListener(this,
new OnSuccessListener<SafetyNetApi.SafeBrowsingResponse>() {
@Override
public void onSuccess(SafetyNetApi.SafeBrowsingResponse sbResponse) {
// Indicates communication with the service was successful.
// Identify any detected threats.
System.out.println("SafetyNet response sucessfully!");
if (sbResponse.getDetectedThreats().isEmpty()) {
// No threats found.
System.out.println("There is no threat in this website.");
} else {
// Threats found!
System.out.println("Threat in website!!!!");
}
}
})
.addOnFailureListener(this, new OnFailureListener() {
@Override
public void onFailure(@NonNull Exception e) {
System.out.println("Get API service wrong.");
// An error occurred while communicating with the service.
if (e instanceof ApiException) {
System.out.println("Google Paly Service API error");
// An error with the Google Play Services API contains some
// additional details.
ApiException apiException = (ApiException) e;
System.out.println(CommonStatusCodes
.getStatusCodeString(apiException.getStatusCode()));
System.out.println(e.getMessage());
// Note: If the status code, apiException.getStatusCode(),
// is SafetyNetstatusCode.SAFE_BROWSING_API_NOT_INITIALIZED,
// you need to call initSafeBrowsing(). It means either you
// haven't called initSafeBrowsing() before or that it needs
// to be called again due to an internal error.
} else {
System.out.println("Else error:");
// A different, unknown type of error occurred.
System.out.println(e.getMessage());
}
}
});
What's wrong??
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|