Overview

You can use the Safe Browsing API to check URLs for threats. The Safe Browsing list is created and maintained by Yandex. The list contains unsafe websites known for using social engineering (phishing and fraud) or hosting malicious or unwanted code.

To check that a resource is safe, use one of the following interfaces:
  • Lookup. An easy-to-use interface. This interface requires that each URL is checked on the server. It doesn't support data encryption.
  • Update. A complex-to-implement interface. This interface enables high request frequency and low response times. The data you exchange with the server is encrypted.

Lookup

Using this interface, you can check a URL by sending a request to the Yandex Safe Browsing server.

Advantages
  • Simple URL check. Send a request containing a list of URLs, and the server responds with whether each of them is safe.
Disadvantages
  • No privacy. The URL is sent in an unencrypted format. The server knows which URLs the user wants to check.
  • The response time is undefined. Each request is processed by the server. Response time is not guaranteed.

If you don't have any data privacy or response time requirements, use the Lookup interface.

Update

Using the Update interface, you can download an encrypted copy of the Safe Browsing lists and see if URLs are present on them. This interface enables high request frequency and low response times. It's used by browsers and platforms to protect many users.

Advantages
  • Privacy. The request is only sent to the server if the URL is found in the local Safe Browsing database. The URL is encrypted, and the server doesn't learn which URLs are being checked.
  • Response time. The local database is a copy of the Safe Browsing lists, so you don't need to access the server every time you check a URL.
Disadvantages
  • Implementation. You need to download and periodically update a copy of the Safe Browsing lists (containing variable-length SHA256 hashes).
  • Sophisticated URL check. You need to canonicalize the URL, create multiple expressions for the host and path, and compute the SHA256 hash (to check the local copy against the server-hosted list).

If you care about data privacy and response times, use the Update interface.
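The local check that the Update interface requires (canonicalize, build host and path expressions, hash with SHA256, compare against variable-length prefixes) is sketched below as an added example; it is not code from the API documentation. It assumes the host-suffix and path-prefix rules of the common Safe Browsing hash-prefix scheme, which this page does not spell out, uses a simplified canonicalization, and runs against a constructed `LOCAL_DB` with made-up domains.

```python
import hashlib, ipaddress, posixpath
from urllib.parse import urlsplit, unquote, quote

def canonicalize(url):
    """Simplified canonical form (assumed rules, not the full specification)."""
    url = url.strip()
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)                      # the fragment is dropped here
    host = (parts.hostname or "").strip(".")   # hostname is already lowercased
    raw = unquote(parts.path) or "/"
    path = "/" + posixpath.normpath(raw).lstrip("/")   # resolve "." and ".."
    if raw.endswith("/") and path != "/":
        path += "/"
    return host, quote(path, safe="/!$&'()*+,;=:@~-._"), parts.query

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def expressions(url):
    """Host-suffix x path-prefix combinations to hash for one URL."""
    host, path, query = canonicalize(url)
    labels = host.split(".")
    hosts = [host]
    if not is_ip(host):   # up to 4 extra suffixes from the last 5 labels, never the TLD alone
        hosts += [".".join(labels[i:]) for i in range(max(1, len(labels) - 5), len(labels) - 1)]
    paths = [path + "?" + query] if query else []
    paths.append(path)
    prefix = "/"
    dirs = ["/"]
    for seg in path.split("/")[1:-1][:3]:      # root plus at most 3 directory levels
        prefix += seg + "/"
        dirs.append(prefix)
    paths += [d for d in dirs if d not in paths]
    return [h + p for h in hosts for p in paths]

def local_hits(url, prefixes):
    """Expressions whose SHA256 digest starts with a prefix in the local copy."""
    lengths = {len(p) for p in prefixes}       # prefixes are variable-length
    hits = []
    for expr in expressions(url):
        digest = hashlib.sha256(expr.encode()).digest()
        if any(digest[:n] in prefixes for n in lengths):
            hits.append(expr)
    return hits

# Constructed local database: a 4-byte and a 6-byte prefix of made-up entries.
LOCAL_DB = {hashlib.sha256(b"malware.example/bad/").digest()[:4],
            hashlib.sha256(b"phish.example/").digest()[:6]}
```

A non-empty result from `local_hits` is the only case in which a request goes to the server; URLs with no local match never leave the client.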