>I assume "pub" stands for "public" and is the list they want people >to use through the API if you don't have an explicit agreement with >them. It might even work somewhat differently, but I guess you could >figure that out by checking the Firefox or Chrome code to see if >they use the API the same way as documented. >
I figured out how to use the non-pub list, but this I don't think the behavior is supported by Google. The API is the same, it is just the URL that change and some parameters. The pub list URL is: http://safebrowsing.clients.google.com/safebrowsing/downloads?client=api&apikey=<KEY>&appver=1.5.2&pver=2.2 The non-pub list URL is: http://safebrowsing.clients.google.com/safebrowsing/downloads?client=navclient-auto-ffox&appver=4.0&pver=2.2&wrkey=<KEY> The non-pub list require a "wrkey" parameter which seems to be built-in the navigator and not visible from the user, when the pub list require a "apikey" parameter which is free to acquire from Google. In my first tests, the results between these 2 lists are not the same. Some websites reported as phishing in the non-pub list are not present in the pub list. Florian _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
