mirror of
https://github.com/Lissy93/web-check.git
synced 2024-11-07 08:55:22 +01:00
104 lines
3.3 KiB
JavaScript
104 lines
3.3 KiB
JavaScript
import axios from 'axios';
|
|
import xml2js from 'xml2js';
|
|
import middleware from './_common/middleware.js';
|
|
|
|
const getGoogleSafeBrowsingResult = async (url) => {
|
|
try {
|
|
const apiKey = process.env.GOOGLE_CLOUD_API_KEY;
|
|
if (!apiKey) {
|
|
return { error: 'GOOGLE_CLOUD_API_KEY is required for the Google Safe Browsing check' };
|
|
}
|
|
const apiEndpoint = `https://safebrowsing.googleapis.com/v4/threatMatches:find?key=${apiKey}`;
|
|
|
|
const requestBody = {
|
|
threatInfo: {
|
|
threatTypes: [
|
|
'MALWARE', 'SOCIAL_ENGINEERING', 'UNWANTED_SOFTWARE', 'POTENTIALLY_HARMFUL_APPLICATION', 'API_ABUSE'
|
|
],
|
|
platformTypes: ["ANY_PLATFORM"],
|
|
threatEntryTypes: ["URL"],
|
|
threatEntries: [{ url }]
|
|
}
|
|
};
|
|
|
|
const response = await axios.post(apiEndpoint, requestBody);
|
|
if (response.data && response.data.matches) {
|
|
return {
|
|
unsafe: true,
|
|
details: response.data.matches
|
|
};
|
|
} else {
|
|
return { unsafe: false };
|
|
}
|
|
} catch (error) {
|
|
return { error: `Request failed: ${error.message}` };
|
|
}
|
|
};
|
|
|
|
const getUrlHausResult = async (url) => {
|
|
let domain = new URL(url).hostname;
|
|
return await axios({
|
|
method: 'post',
|
|
url: 'https://urlhaus-api.abuse.ch/v1/host/',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
},
|
|
data: `host=${domain}`
|
|
})
|
|
.then((x) => x.data)
|
|
.catch((e) => ({ error: `Request to URLHaus failed, ${e.message}`}));
|
|
};
|
|
|
|
|
|
const getPhishTankResult = async (url) => {
|
|
try {
|
|
const encodedUrl = Buffer.from(url).toString('base64');
|
|
const endpoint = `https://checkurl.phishtank.com/checkurl/?url=${encodedUrl}`;
|
|
const headers = {
|
|
'User-Agent': 'phishtank/web-check',
|
|
};
|
|
const response = await axios.post(endpoint, null, { headers, timeout: 3000 });
|
|
const parsed = await xml2js.parseStringPromise(response.data, { explicitArray: false });
|
|
return parsed.response.results;
|
|
} catch (error) {
|
|
return { error: `Request to PhishTank failed: ${error.message}` };
|
|
}
|
|
}
|
|
|
|
const getCloudmersiveResult = async (url) => {
|
|
const apiKey = process.env.CLOUDMERSIVE_API_KEY;
|
|
if (!apiKey) {
|
|
return { error: 'CLOUDMERSIVE_API_KEY is required for the Cloudmersive check' };
|
|
}
|
|
try {
|
|
const endpoint = 'https://api.cloudmersive.com/virus/scan/website';
|
|
const headers = {
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
'Apikey': apiKey,
|
|
};
|
|
const data = `Url=${encodeURIComponent(url)}`;
|
|
const response = await axios.post(endpoint, data, { headers });
|
|
return response.data;
|
|
} catch (error) {
|
|
return { error: `Request to Cloudmersive failed: ${error.message}` };
|
|
}
|
|
};
|
|
|
|
const threatsHandler = async (url) => {
|
|
try {
|
|
const urlHaus = await getUrlHausResult(url);
|
|
const phishTank = await getPhishTankResult(url);
|
|
const cloudmersive = await getCloudmersiveResult(url);
|
|
const safeBrowsing = await getGoogleSafeBrowsingResult(url);
|
|
if (urlHaus.error && phishTank.error && cloudmersive.error && safeBrowsing.error) {
|
|
throw new Error(`All requests failed - ${urlHaus.error} ${phishTank.error} ${cloudmersive.error} ${safeBrowsing.error}`);
|
|
}
|
|
return JSON.stringify({ urlHaus, phishTank, cloudmersive, safeBrowsing });
|
|
} catch (error) {
|
|
throw new Error(error.message);
|
|
}
|
|
};
|
|
|
|
export const handler = middleware(threatsHandler);
|
|
export default handler;
|