Google安全浏览HTTP POST - 403响应 [英] Google Safe Browsing HTTP POST - 403 response

问题描述

我正在研究某个程序，该程序会查询某些网址的Google安全浏览功能，但是我收到了一个错误信息，我认为我不应该收到该信息。

我发送了以下请求：

  2 
 http://google.com 
 http://facebook.com 
  

通过POST发送至： https：// sb-ssl.google.com/safebrowsing/api/lookup?client=api&apikey=[KEY]&appver=1.5.2&pver=3.1

然而，我得到了一个403响应。

这是文档对HTTP POST查找错误所说的内容：

服务器为POST请求生成以下HTTP错误代码：

200：至少所查询的URL在网络钓鱼，恶意软件或不需要的软件列表中匹配。实际结果通过响应主体返回。

•204：没有任何查询的URL匹配网络钓鱼，恶意软件或不需要的软件列表，并且没有返回响应主体。

•400：错误请求 - HTTP请求未正确形成。

<401>：未授权 - API密钥未被授权。

•503：服务不可用 - 服务器无法处理请求。除了正常的服务器故障之外，这也可能表明客户端因为发送太多请求而被限制。

响应代码403没有列出，但我得到它。

我已经三重检查了我的API密钥并确保为我的项目启用了API。我使用了一个服务器密钥，但我也尝试了一个浏览器密钥。

我也尝试了一个GET请求，但确实有效，但我无法获得POST开始工作。这是我的代码：

  try { 
 String baseURL =https://sb-ssl.google.com/safebrowsing/api/lookup; 
 String arguments =; 
参数+ = URLEncoder.encode（client，UTF-8）+=+ URLEncoder.encode（api，UTF-8）+&; 
参数+ = URLEncoder.encode（apikey，UTF-8）+=+ URLEncoder.encode（[KEY]，UTF-8）+&; 
参数+ = URLEncoder.encode（appver，UTF-8）+=+ URLEncoder.encode（1.5.2，UTF-8）+&; 
参数+ = URLEncoder.encode（pver，UTF-8）+=+ URLEncoder.encode（3.1，UTF-8）; 
 
 //构造代表cgi脚本的url对象
 URL url = new URL（baseURL +？+ arguments）; 
 
 //获取一个URLConnection对象，写入POST方法
 HttpURLConnection connect =（HttpURLConnection）url.openConnection（）; 
 connect.setRequestMethod（POST）; 
 
 //指定连接设置
 connect.setDoInput（true）; 
 connect.setDoOutput（true）; 
 
 //获取输出流以写入
 OutputStream output = connect.getOutputStream（）; 
 PrintStream pout = new PrintStream（output）; 
 pout.print（2）; 
 pout.println（）; 
 pout.print（http://www.google.com）; 
 pout.println（）; 
 pout.print（http://www.facebook.com）; 
 pout.close（）; 
 
 BufferedReader in = new BufferedReader（new InputStreamReader（connect.getInputStream（）））; 
 
 String decodedString; $（b）b（b）;（（encodedString = in.readLine（））！= null）{
 System.out.println（w：+ decodedString）; 
} 
 in.close（）; 
} catch（Exception e）{
 e.printStackTrace（）; 
} 
  

解决方案

我发现了错误。 CGI参数不正确。它应该是键而不是 apikey 。尽管如此，你仍然感到奇怪的是你得到了一个未公开的答复代码。

I'm working on a program that queries Google Safe Browsing for certain urls, but I'm getting an error that I don't think I should be getting.

I'm sending the following request:

2
http://google.com
http://facebook.com

via POST to: https://sb-ssl.google.com/safebrowsing/api/lookup?client=api&apikey=[KEY]&appver=1.5.2&pver=3.1

However, I'm getting a 403 response.

This is what the documentation says for HTTP POST lookup errors:

The server generates the following HTTP error codes for the POST request:

•200: AT LEAST ONE of the queried URLs are matched in either the phishing, malware, or unwanted software lists. The actual results are returned through the response body.

•204: NONE of the queried URLs matched the phishing, malware, or unwanted software lists, and no response body is returned.

•400: Bad Request—The HTTP request was not correctly formed.

•401: Not Authorized—The API key is not authorized.

•503: Service Unavailable—The server cannot handle the request. Besides the normal server failures, this could also indicate that the client has been "throttled" for sending too many requests.

The response code 403 isn't listed, yet I'm getting it.

I have triple-checked my API-key and made sure the API is enabled for my project. I'm using a Server-key, but I also tried a Browser-key.

I tried doing a GET request also, and that did work, but I cannot get POST to work. What's going on?

Here is my code:

try {
   String baseURL="https://sb-ssl.google.com/safebrowsing/api/lookup";
   String arguments = "";
   arguments +=URLEncoder.encode("client", "UTF-8") + "=" + URLEncoder.encode("api", "UTF-8") + "&";
   arguments +=URLEncoder.encode("apikey", "UTF-8") + "=" + URLEncoder.encode("[KEY]", "UTF-8") + "&";
   arguments +=URLEncoder.encode("appver", "UTF-8") + "=" + URLEncoder.encode("1.5.2", "UTF-8") + "&";
   arguments +=URLEncoder.encode("pver", "UTF-8") + "=" + URLEncoder.encode("3.1", "UTF-8");

   // Construct the url object representing cgi script
   URL url = new URL(baseURL + "?" + arguments);    

   // Get a URLConnection object, to write to POST method
   HttpURLConnection connect = (HttpURLConnection) url.openConnection();
   connect.setRequestMethod("POST");

   // Specify connection settings
   connect.setDoInput(true);
   connect.setDoOutput(true);

   // Get an output stream for writing
   OutputStream output = connect.getOutputStream();
   PrintStream pout = new PrintStream (output);
   pout.print("2");
   pout.println();
   pout.print("http://www.google.com");
   pout.println();
   pout.print("http://www.facebook.com");
   pout.close();                   

   BufferedReader in = new BufferedReader(new InputStreamReader(connect.getInputStream()));

   String decodedString;
   while ((decodedString = in.readLine()) != null) {
      System.out.println("w: " + decodedString);
   }
   in.close();
} catch(Exception e) {
   e.printStackTrace();
}

解决方案

I found the error. The CGI parameter was incorrect. It should have been key and not apikey. Still weird that you get an undocumented response-code though.

这篇关于Google安全浏览HTTP POST - 403响应的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！