Theju's tryst with life

Google Safe Browsing and Django Newforms

Mon 12 November 2007 by Thejaswi Puthraya

Google Safe Browsing and Django Newforms

What is Google Safe Browsing

It is an API that enables applications to check URLs against Google's constantly updated blacklists of suspected phishing and malware pages. For more check out http://code.google.com/apis/safebrowsing/

Why use Google Safe Browsing?

Nowadays everyone is bombarded by loads of spam soliciting people to click on an innocent looking ;-) link. If some dumb user falls for the trick then his life would become miserable from that moment. As elders say Prevention is better than cure, so be careful before you click these links.

Google Safe Browsing is a step towards preventing the user from making such dastardly mistakes. Google, one of the largest and popular online search engine has released the database of suspected malware and phishing blacklisted sites.

Google is one of the most active partners of StopBadware and AntiPhishing and hence you have access to almost all the badware site urls.

Why Django?

Django is one of the coolest Python web frameworks around. I have been associated with Django for quite some time now and wanted to contribute my bit to the community.

  • For Django users, I have created a form field called Safe_URLField that checks against the database and raises an error if the url is found in it.
from django import newforms as forms
from safe_browsing.forms import Safe_URLField

class SomeForm(forms.Form):
    url_descr = forms.CharField(max_length=50)
    url_field = Safe_URLField()

>>> data = {"url_descr": "Crap Site","url_field":u"www.fxmp3.com"}
>>> f = SomeForm(data)
>>> f.is_valid()
False
>>> f.errors
{'url_field': [u'For Malware Detection:This page appears to contain malicious code...']}
>>>
>>> data2 = {"url_descr":"Excellent Site","url_field":u"http://thejaswi.info"}
>>> g = SomeForm(data2)
>>> g.is_valid()
True
>>> g.errors
{}

Note

I have also scripted a Safe_URLField alongwith a validator (isBadwareURL) which could be used with oldforms(whose use is not recommended).

Who can use this service?

  • Sites where there is input of urls whose credentials might sometimes be suspect, thanks to spammers.(A classic example would be DjangoSites).
  • Folks who download lots of software and music from untrusted sources.

For a demo, you can check out the service here.

Warning

Please use this service judiciously as my hosting plan is constrained by RAM usage. To prevent misuse, I am recording IP addresses. I assure that this information will be kept confindential and not be used for any other purpose.