Web Risk API . threatLists

Instance Methods

close()

Close httplib2 connections.

computeDiff(constraints_maxDatabaseEntries=None, constraints_maxDiffEntries=None, constraints_supportedCompressions=None, threatType=None, versionToken=None, x__xgafv=None)

Gets the most recent threat list diffs. These diffs should be applied to a local database of hashes to keep it up-to-date. If the local database is empty or excessively out-of-date, a complete snapshot of the database will be returned. This Method only updates a single ThreatList at a time. To update multiple ThreatList databases, this method needs to be called once for each list.

Method Details

close() 
Close httplib2 connections.
computeDiff(constraints_maxDatabaseEntries=None, constraints_maxDiffEntries=None, constraints_supportedCompressions=None, threatType=None, versionToken=None, x__xgafv=None) 
Gets the most recent threat list diffs. These diffs should be applied to a local database of hashes to keep it up-to-date. If the local database is empty or excessively out-of-date, a complete snapshot of the database will be returned. This Method only updates a single ThreatList at a time. To update multiple ThreatList databases, this method needs to be called once for each list.

Args:
  constraints_maxDatabaseEntries: integer, Sets the maximum number of entries that the client is willing to have in the local database. This should be a power of 2 between 2**10 and 2**20. If zero, no database size limit is set.
  constraints_maxDiffEntries: integer, The maximum size in number of entries. The diff will not contain more entries than this value. This should be a power of 2 between 2**10 and 2**20. If zero, no diff size limit is set.
  constraints_supportedCompressions: string, The compression types supported by the client. (repeated)
    Allowed values
      COMPRESSION_TYPE_UNSPECIFIED - Unknown.
      RAW - Raw, uncompressed data.
      RICE - Rice-Golomb encoded data.
  threatType: string, Required. The threat list to update. Only a single ThreatType should be specified per request. If you want to handle multiple ThreatTypes, you must make one request per ThreatType.
    Allowed values
      THREAT_TYPE_UNSPECIFIED - No entries should match this threat type. This threat type is unused.
      MALWARE - Malware targeting any platform.
      SOCIAL_ENGINEERING - Social engineering targeting any platform.
      UNWANTED_SOFTWARE - Unwanted software targeting any platform.
      SOCIAL_ENGINEERING_EXTENDED_COVERAGE - A list of extended coverage social engineering URIs targeting any platform.
  versionToken: string, The current version token of the client for the requested list (the client version that was received from the last successful diff). If the client does not have a version token (this is the first time calling ComputeThreatListDiff), this may be left empty and a full database snapshot will be returned.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    {
  "additions": { # Contains the set of entries to add to a local database. May contain a combination of compressed and raw data in a single response. # A set of entries to add to a local threat type's list.
    "rawHashes": [ # The raw SHA256-formatted entries. Repeated to allow returning sets of hashes with different prefix sizes.
      { # The uncompressed threat entries in hash format. Hashes can be anywhere from 4 to 32 bytes in size. A large majority are 4 bytes, but some hashes are lengthened if they collide with the hash of a popular URI. Used for sending ThreatEntryAdditons to clients that do not support compression, or when sending non-4-byte hashes to clients that do support compression.
        "prefixSize": 42, # The number of bytes for each prefix encoded below. This field can be anywhere from 4 (shortest prefix) to 32 (full SHA256 hash). In practice this is almost always 4, except in exceptional circumstances.
        "rawHashes": "A String", # The hashes, in binary format, concatenated into one long string. Hashes are sorted in lexicographic order. For JSON API users, hashes are base64-encoded.
      },
    ],
    "riceHashes": { # The Rice-Golomb encoded data. Used for sending compressed 4-byte hashes or compressed removal indices. # The encoded 4-byte prefixes of SHA256-formatted entries, using a Golomb-Rice encoding. The hashes are converted to uint32, sorted in ascending order, then delta encoded and stored as encoded_data.
      "encodedData": "A String", # The encoded deltas that are encoded using the Golomb-Rice coder.
      "entryCount": 42, # The number of entries that are delta encoded in the encoded data. If only a single integer was encoded, this will be zero and the single value will be stored in `first_value`.
      "firstValue": "A String", # The offset of the first entry in the encoded data, or, if only a single integer was encoded, that single integer's value. If the field is empty or missing, assume zero.
      "riceParameter": 42, # The Golomb-Rice parameter, which is a number between 2 and 28. This field is missing (that is, zero) if `num_entries` is zero.
    },
  },
  "checksum": { # The expected state of a client's local database. # The expected SHA256 hash of the client state; that is, of the sorted list of all hashes present in the database after applying the provided diff. If the client state doesn't match the expected state, the client must discard this diff and retry later.
    "sha256": "A String", # The SHA256 hash of the client state; that is, of the sorted list of all hashes present in the database.
  },
  "newVersionToken": "A String", # The new opaque client version token. This should be retained by the client and passed into the next call of ComputeThreatListDiff as 'version_token'. A separate version token should be stored and used for each threatList.
  "recommendedNextDiff": "A String", # The soonest the client should wait before issuing any diff request. Querying sooner is unlikely to produce a meaningful diff. Waiting longer is acceptable considering the use case. If this field is not set clients may update as soon as they want.
  "removals": { # Contains the set of entries to remove from a local database. # A set of entries to remove from a local threat type's list. This field may be empty.
    "rawIndices": { # A set of raw indices to remove from a local list. # The raw removal indices for a local list.
      "indices": [ # The indices to remove from a lexicographically-sorted local list.
        42,
      ],
    },
    "riceIndices": { # The Rice-Golomb encoded data. Used for sending compressed 4-byte hashes or compressed removal indices. # The encoded local, lexicographically-sorted list indices, using a Golomb-Rice encoding. Used for sending compressed removal indices. The removal indices (uint32) are sorted in ascending order, then delta encoded and stored as encoded_data.
      "encodedData": "A String", # The encoded deltas that are encoded using the Golomb-Rice coder.
      "entryCount": 42, # The number of entries that are delta encoded in the encoded data. If only a single integer was encoded, this will be zero and the single value will be stored in `first_value`.
      "firstValue": "A String", # The offset of the first entry in the encoded data, or, if only a single integer was encoded, that single integer's value. If the field is empty or missing, assume zero.
      "riceParameter": 42, # The Golomb-Rice parameter, which is a number between 2 and 28. This field is missing (that is, zero) if `num_entries` is zero.
    },
  },
  "responseType": "A String", # The type of response. This may indicate that an action must be taken by the client when the response is received.
}