PHPackages rattfieldnz/safe-urls - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. rattfieldnz/safe-urls ActiveLibrary[API Development](/categories/api) rattfieldnz/safe-urls ===================== A laravel package to check URLs with Google's Safe Browsing API. 0.0.58(6y ago)213[1 issues](https://github.com/rattfieldnz/safe-urls/issues)[2 PRs](https://github.com/rattfieldnz/safe-urls/pulls)MITHTMLPHP >=7.2 Since Jul 29Pushed 4y ago2 watchersCompare [ Source](https://github.com/rattfieldnz/safe-urls)[ Packagist](https://packagist.org/packages/rattfieldnz/safe-urls)[ Docs](https://github.com/rattfieldnz/safe-urls)[ RSS](/packages/rattfieldnz-safe-urls/feed)WikiDiscussions master Synced today READMEChangelogDependencies (13)Versions (73)Used By (0) safe-urls ========= [](#safe-urls) [![PHP Version](https://camo.githubusercontent.com/5799d481d820b8b0e4e34b949ca694e358198e1c525964065043ed7c6ac5f5e1/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d372e332532422d677265656e2e737667)](https://packagist.org/packages/rattfieldnz/safe-urls) [![PHP Version](https://camo.githubusercontent.com/16d8fbbc862a8e88207acda602834d0e47fa7a6ad81e77902c405053cfcb96bb/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d372e322532422d677265656e2e737667)](https://packagist.org/packages/rattfieldnz/safe-urls)[![License: MIT](https://camo.githubusercontent.com/fdf2982b9f5d7489dcf44570e714e3a15fce6253e0cc6b5aa61a075aac2ff71b/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d79656c6c6f772e737667)](https://opensource.org/licenses/MIT)[![Latest Version on Packagist](https://camo.githubusercontent.com/05ddf79f71c989efd93510f833debceb898d913eb1bdf96d25aad581a851ed47/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f726174746669656c646e7a2f736166652d75726c732e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/rattfieldnz/safe-urls)[![Total Downloads](https://camo.githubusercontent.com/f7b00022863eeb1ff5097a9c82d1c7c7177bf866e1c60cafc04e3a80d7bbdad8/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f726174746669656c646e7a2f736166652d75726c732e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/rattfieldnz/safe-urls)[![Build Status](https://camo.githubusercontent.com/dbf1acf36fc8c919ff6031f27d9ce4c3b1aff5770656b2590e8c7167713f28e5/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f726174746669656c646e7a2f736166652d75726c732f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/rattfieldnz/safe-urls)[![StyleCI](https://camo.githubusercontent.com/949cb475e4c2ad84dc95ac691678d35a0c57d55621ff1014c937665389172aeb/68747470733a2f2f7374796c6563692e696f2f7265706f732f3139393433323736322f736869656c64)](https://styleci.io/repos/199432762)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/cb64958119f25b0da550ce712a43039527eda3dc4e821e723e345a1bcb792536/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f726174746669656c646e7a2f736166652d75726c732f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/rattfieldnz/safe-urls/?branch=master)[![codecov](https://camo.githubusercontent.com/d34ddbbd97117d03117dddd2678590327741485e0fff9f8046edbfecb82ed87e/68747470733a2f2f636f6465636f762e696f2f67682f726174746669656c646e7a2f736166652d75726c732f6272616e63682f6d61737465722f67726170682f62616467652e737667)](https://codecov.io/gh/rattfieldnz/safe-urls) A Laravel package to check URLs with [Google's Safe Browsing API (look up)](https://developers.google.com/safe-browsing/v4/lookup-api). Inspired by another similar package @ . Take a look at [contributing.md](contributing.md) to see a to do list. --- - [Installation](#installation) - [Update Config](#update_config) - [Publish Config](#publish_config) - [Set Your Google Safebrowsing API Key](#set_google_safebrowsing_key) - [Usage](#usage) - [Using Blade Syntax](#usage_blade) - [Using Facades](#usage_facades) - [Example With Input and Output](#example_with_input_and_output) - [Test URLs](#testing_urls) - [Testing](#testing) - [Contributing](#contributing) - [Security](#security) - [Credits](#credits) - [License](#license) --- Please Note: ------------ [](#please-note) **This package requires that you have [an active Google Safebrowsing API key](https://developers.google.com/safe-browsing/v4/get-started). It absolutely will not work without one.** It's free to create an API key . Google also throttles API usage, so if you have a high-traffic site, you may want to build in a caching layer or something so you don't burn through your requests too quickly. You can keep an eye on your usage through the [Google API console](https://console.developers.google.com/apis/api/safebrowsing.googleapis.com/usage). **This project is not ready for use in production yet. When it is, there will be first major release (i.e. 1.0.0).** A Note About Google Safebrowsing API Results -------------------------------------------- [](#a-note-about-google-safebrowsing-api-results) During testing, there were a few times when the API showed some malware sites as 'safe', whereas in reality they weren't. For example, running PHPUnit tests showed the [sample sites below](#testing_urls) as being 'safe'; however, running the API in [Postman](https://www.getpostman.com/downloads/) produced expected results. I have not found a solution yet; however, any feedback / suggestions are welcome, as are pull requests etc. Below are links which I have read about this issue further: - [google/safebrowsing#30 (comment)](https://github.com/google/safebrowsing/issues/30#issuecomment-302508958). - . - - Installation -------------------------------------------------- [](#installation) Via Composer ``` $ composer require rattfieldnz/safe-urls ``` ### Update Your Config [](#update-your-config) #### For applications using Laravel =< 5.4 [](#for-applications-using-laravel--54) Open `config/app.php` and add: ``` RattfieldNz\SafeUrls\SafeUrlsServiceProvider::class, ``` to your `providers` array in `config/app.php`, and: ``` 'SafeUrls' => RattfieldNz\SafeUrls\Facades\SafeUrlsFacade::class, ``` to your `aliases` array in `config/app.php`. ### Publish the config [](#publish-the-config) ``` php artisan vendor:publish ``` This will add a `safe-urls.php` config file into your project's `config` folder. ### Set Your Google Safebrowsing API Key [](#set-your-google-safebrowsing-api-key) In your `.env`, add: ``` GOOGLE_API_KEY=YOUR-ACTUAL-API-KEY GOOGLE_CLIENT_ID=your-client-id GOOGLE_CLIENT_VERSION=1.0 (or your preferred number) GOOGLE_CURL_TIMEOUT=10 (in seconds) ``` There are additional options in the config file that relate to what specific types of threats you want to check for, and what platforms you want to check on, but you only really need to worry about that if you want to check *fewer* things, as it's pretty inclusive already. Usage ------------------------------------ [](#usage) ### Using Blade Syntax [](#using-blade-syntax) ``` @if(isset(SafeUrls::check($urls, true)["response"]["matches"])) There are {{ count(SafeUrls::check($urls, true)["response"]["matches"]) }} dangerous URLs. @else No results were found @endif ``` Where `$urls` could be an array of URLs to check, perhaps [passed through your Controller to a view](https://laravel.com/docs/5.8/views#passing-data-to-views). Where `true` will return the results as an associative array. `false` (or not having the second parameter) will return the results as a JSON-encoded string. ``` @if (SafeUrls::isDangerous('http://twitter.com/')) // do something if the url is flagged as suspicious @else // hooray - it's not flagged! @endif ``` ### Using Facades [](#using-facades) ``` SafeUrls::add(['http://ianfette.org']); SafeUrls::add(['http://malware.testing.google.test/testing/malware/']); SafeUrls::execute(); print('Status of the third URL is: '.SafeUrls::isDangerous('http://twitter.com/')); ``` Example with input and output ------------------------------------------------------------------------------------ [](#example-with-input-and-output) If the value of `$urls` was: ``` $urls = [ 'http://www.yahoo.com/' 'http://www.google.com/' 'http://malware.testing.google.test/testing/malware/' 'http://twitter.com/' 'http://ianfette.org' 'https://github.com/' 'https://testsafebrowsing.appspot.com/s/phishing.html' 'https://testsafebrowsing.appspot.com/s/malware.html' 'http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/MALWARE/URL/' 'http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/SOCIAL_ENGINEERING/URL/' ]; ``` `SafeUrls::check($urls, true)` Would return the following associative array: ``` [ "status" => 200, "response" => [ "matches" => [ [ "threatType" => "MALWARE", "platformType" => "ANY_PLATFORM", "threat" => [ "url" => "http://malware.testing.google.test/testing/malware/" ], "cacheDuration" => "300s", "threatEntryType" => "URL" ], [ "threatType" => "SOCIAL_ENGINEERING", "platformType" => "ANY_PLATFORM", "threat" => [ "url" => "http://malware.testing.google.test/testing/malware/" ], "cacheDuration" => "300s", "threatEntryType" => "URL" ], [ "threatType" => "SOCIAL_ENGINEERING", "platformType" => "ANY_PLATFORM", "threat" => [ "url" => "https://testsafebrowsing.appspot.com/s/phishing.html" ], "cacheDuration" => "300s", "threatEntryType" => "URL" ], [ "threatType" => "MALWARE", "platformType" => "ANY_PLATFORM", "threat" => [ "url" => "https://testsafebrowsing.appspot.com/s/malware.html" ], "cacheDuration" => "300s", "threatEntryType" => "URL" ], [ "threatType" => "MALWARE", "platformType" => "ANY_PLATFORM", "threat" => [ "url" => "http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/MALWARE/URL/" ], "cacheDuration" => "300s", "threatEntryType" => "URL" ], [ "threatType" => "SOCIAL_ENGINEERING", "platformType" => "ANY_PLATFORM", "threat" => [ "url" => "http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/SOCIAL_ENGINEERING/URL/" ], "cacheDuration" => "300s", "threatEntryType" => "URL" ], ], ], ] ``` `SafeUrls::check($urls)` (or `SafeUrls::check($urls, false)`) Would return the following JSON-encoded string: ``` { "status":200, "response":{ "matches":[ { "threatType":"MALWARE", "platformType":"ANY_PLATFORM", "threat":{ "url":"http:\/\/malware.testing.google.test\/testing\/malware\/" }, "cacheDuration":"300s", "threatEntryType":"URL" }, { "threatType":"SOCIAL_ENGINEERING", "platformType":"ANY_PLATFORM", "threat":{ "url":"http:\/\/malware.testing.google.test\/testing\/malware\/" }, "cacheDuration":"300s", "threatEntryType":"URL" }, { "threatType":"SOCIAL_ENGINEERING", "platformType":"ANY_PLATFORM", "threat":{ "url":"https:\/\/testsafebrowsing.appspot.com\/s\/phishing.html" }, "cacheDuration":"300s", "threatEntryType":"URL" }, { "threatType":"MALWARE", "platformType":"ANY_PLATFORM", "threat":{ "url":"https:\/\/testsafebrowsing.appspot.com\/s\/malware.html" }, "cacheDuration":"300s", "threatEntryType":"URL" }, { "threatType":"MALWARE", "platformType":"ANY_PLATFORM", "threat":{ "url":"http:\/\/testsafebrowsing.appspot.com\/apiv4\/ANY_PLATFORM\/MALWARE\/URL\/" }, "cacheDuration":"300s", "threatEntryType":"URL" }, { "threatType":"SOCIAL_ENGINEERING", "platformType":"ANY_PLATFORM", "threat":{ "url":"http:\/\/testsafebrowsing.appspot.com\/apiv4\/ANY_PLATFORM\/SOCIAL_ENGINEERING\/URL\/" }, "cacheDuration":"300s", "threatEntryType":"URL" } ] } } ``` Both outputs will depend on what options you have set in your `config/safe-urls.php` file. Test URLs ----------------------------------------------- [](#test-urls) Here are some handy test urls you can use while you're experimenting with this Laravel package. - (OK) - (OK) - (Malware) - (OK) - (Malware) - (OK) - (Malware) - (Malware) - [http://testsafebrowsing.appspot.com/apiv4/ANY\_PLATFORM/MALWARE/URL/](http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/MALWARE/URL/) (Malware) - [http://testsafebrowsing.appspot.com/apiv4/ANY\_PLATFORM/SOCIAL\_ENGINEERING/URL/](http://testsafebrowsing.appspot.com/apiv4/ANY_PLATFORM/SOCIAL_ENGINEERING/URL/) (Malware / Social Engineering) Change log --------------------------------------------- [](#change-log) Please see the [changelog](changelog.md) for more information on what has changed recently. Testing ---------------------------------------- [](#testing) From inside the root folder of this package: ``` $ ./run_phpunit YOUR_GOOGLE_API_KEY ``` Replace YOUR\_GOOGLE\_API\_KEY with your key. Get one by visiting . Contributing -------------------------------------------------- [](#contributing) Please see [contributing.md](contributing.md) for details and a todolist. Security ------------------------------------------ [](#security) If you discover any security related issues, please email author email instead of using the issue tracker. Credits ---------------------------------------- [](#credits) - [Rob Attfield](https://github.com/rattfieldnz) - [All Contributors](../../contributors) License ---------------------------------------- [](#license) Please see the [license file](license.md) for more information. ### Health Score 24 — LowBetter than 32% of packages Maintenance10 Infrequent updates — may be unmaintained Popularity8 Limited adoption so far Community10 Small or concentrated contributor base Maturity58 Maturing project, gaining track record Bus Factor1 Top contributor holds 92.6% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 58 Last Release 2463d ago PHP version history (2 changes)0.0.1PHP >=7.1.3 0.0.20PHP >=7.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/7c0ece250cf895d774e0b482665113970f099e7b0efbdcbb3fbfaaea1d4166fa?d=identicon)[rattfieldnz](/maintainers/rattfieldnz) --- Top Contributors [![rattfieldnz](https://avatars.githubusercontent.com/u/2468863?v=4)](https://github.com/rattfieldnz "rattfieldnz (137 commits)")[![scrutinizer-auto-fixer](https://avatars.githubusercontent.com/u/6253494?v=4)](https://github.com/scrutinizer-auto-fixer "scrutinizer-auto-fixer (11 commits)") --- Tags apigooglegoogle-safebrowsinglaravel55laravel56laravel57laravel58safe-browsingspam-detectionspam-filterspam-filteringspam-protectionlaravelgooglesafe urlsSafe Browsing API ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/rattfieldnz-safe-urls/health.svg) ``` [![Health](https://phpackages.com/badges/rattfieldnz-safe-urls/health.svg)](https://phpackages.com/packages/rattfieldnz-safe-urls) ``` ### Alternatives [pulkitjalan/google-apiclient Google api php client wrapper with Cloud Platform and Laravel support 2582.9M5](/packages/pulkitjalan-google-apiclient)[thujohn/analytics Google Analytics for Laravel 4 113108.7k1](/packages/thujohn-analytics)[spotonlive/laravel-google-ads Google Ads API for Laravel 6391.1k](/packages/spotonlive-laravel-google-ads)[hosseinhezami/laravel-gemini A production-ready Laravel package to integrate with the Google Gemini API. Supports text, image, video, audio, long-context, structured output, files, caching, function-calling and understanding capabilities. 14010.8k1](/packages/hosseinhezami-laravel-gemini)[mbarwick83/shorty Google Url Shortener API Package for Laravel 5.1 31204.9k](/packages/mbarwick83-shorty)[gemini-api-php/laravel Gemini API client for Laravel 8915.7k](/packages/gemini-api-php-laravel) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)