Organiza tus páginas con colecciones
Guarda y categoriza el contenido según tus preferencias.
Usar la API de envío
En este documento, se describe cómo enviar las URLs que sospechas que no son seguras a la Navegación segura para que sean analizadas y verificar de forma asíncrona los resultados de estos envíos. Todas las URLs que se confirme que incumplen las políticas de la Navegación segura se agregarán al servicio de la Navegación segura.
La API de Web Risk Submission valida que las URLs enviadas tengan contenido que incumpla las políticas de la Navegación segura. Los desarrolladores de la API deben asegurarse de que las URLs enviadas tengan evidencia clara de que incumplen estas políticas. En los siguientes ejemplos, se muestran evidencias de incumplimiento de políticas:
Contenido de ingeniería social que imita una marca en línea legítima (nombre de marca, logotipo, apariencia), alertas del sistema, usa URLs engañosas o solicita a los usuarios que ingresen credenciales sensibles, como un nombre de usuario o una contraseña
Un sitio que aloja un ejecutable de software malicioso conocido
Los desarrolladores de APIs no deben enviar estos tipos de URLs, ya que es probable que no se agreguen a las listas de bloqueo de Navegación segura:
Encuestas falsas, sitios de compras y otras estafas que no demuestren phishing (como estafas de criptomonedas)
Spam que incluye juegos de apuestas, violencia o contenido para adultos que no sea phishing ni software malicioso
Envía URLs
Para enviar una URL, envía una solicitud HTTP POST al método projects.uris.submit.
La API de Submission admite una URL por solicitud. Si deseas verificar varias URL, debes enviar una solicitud diferente para cada una.
La URL debe ser válida, pero no es necesario que sea canonicalizada. Para obtener más información, consulta RFC 2396.
La respuesta HTTP POST muestra una long-running operation.
Para obtener más información sobre cómo recuperar el resultado del envío y verificar
el estado de un envío, consulta Operaciones de larga duración.
Ejemplo
Método HTTP y URL:
POST https://webrisk.googleapis.com/v1/projects/project-id/uris:submit
SUCCEEDED indica que la URL enviada se agregó a la lista de URLs bloqueadas de la Navegación segura.
CLOSED indica que no se detectó que la URL enviada incumpla las políticas de Navegación segura y que no se agregó a la lista de bloqueo de Navegación segura en las últimas 24 horas.
[[["Fácil de comprender","easyToUnderstand","thumb-up"],["Resolvió mi problema","solvedMyProblem","thumb-up"],["Otro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Información o código de muestra incorrectos","incorrectInformationOrSampleCode","thumb-down"],["Faltan la información o los ejemplos que necesito","missingTheInformationSamplesINeed","thumb-down"],["Problema de traducción","translationIssue","thumb-down"],["Otro","otherDown","thumb-down"]],["Última actualización: 2025-09-04 (UTC)"],[],[],null,["# Using the Submission API\n========================\n\nThis document describes how to submit URLs that you suspect are unsafe to\nSafe Browsing for analysis, and asynchronously check the results of these\nsubmissions. Any URLs that are confirmed to violate the [Safe Browsing Policies](https://safebrowsing.google.com/#policies)\nare added to the Safe Browsing service.\n\nBefore you begin\n----------------\n\n[Contact sales](https://cloud.google.com/contact) or your customer engineer in order to obtain access to\nthis feature.\n\nBest Practices\n--------------\n\n### Read the [Safe Browsing Policies](https://safebrowsing.google.com/#policies)\n\nThe Web Risk Submission API validates that the submitted URLs render content violating Safe Browsing [policies](https://safebrowsing.google.com/#policies). API developers must ensure that the submitted URLs have clear evidence of violating these policies. The following examples show evidences of violation of policies:\n\n- Social engineering content that mimics a legitimate online brand (brand name, logo, look and feel), system alerts, uses deceptive URLs, or requests users to enter sensitive credentials such as a username or password.\n- A site that is hosting a known Malware executable.\n\nAPI developers should not submit these types of URLs, as they most likely will not be added to Safe Browsing blocklists:\n\n- Fake surveys, shopping sites, or other scams that do not demonstrate phishing (such as cryptocurrency scams).\n- Spam containing gambling, violence, or adult content that is not phishing or malware.\n\nSubmit URLs\n-----------\n\nTo submit a URL, send an HTTP `POST` request to\nthe [`projects.uris.submit`](/web-risk/docs/reference/rest/v1/projects.uris/submit)\nmethod.\n\n- The Submission API supports one URL per request. To check multiple URLs, you need to send a separate request for each URL.\n- The URL must be valid but it doesn't need to be canonicalized. For more\n information, see [RFC 2396](http://www.ietf.org/rfc/rfc2396.txt).\n\n- The HTTP `POST` response returns a [`long-running operation`](/web-risk/docs/reference/rpc/google.longrunning).\n For more information about how to retrieve the submission result and check\n the status of a submission, see [Long-running operations](/web-risk/docs/long-running-operations).\n\nExample\n-------\n\n\nHTTP method and URL:\n\n```\nPOST https://webrisk.googleapis.com/v1/projects/project-id/uris:submit\n```\n\n\nRequest JSON body:\n\n```\n{\n \"submission\": {\n \"uri\": \"https://www.example.com/login.html\"\n }\n}\n```\n\nTo send your request, choose one of these options: \n\n#### curl\n\n| **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) , or by using [Cloud Shell](/shell/docs), which automatically logs you into the `gcloud` CLI . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nSave the request body in a file named `request.json`,\nand execute the following command:\n\n```\ncurl -X POST \\\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\n -H \"Content-Type: application/json; charset=utf-8\" \\\n -d @request.json \\\n \"https://webrisk.googleapis.com/v1/projects/project-id/uris:submit\"\n```\n\n#### PowerShell\n\n| **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nSave the request body in a file named `request.json`,\nand execute the following command:\n\n```\n$cred = gcloud auth print-access-token\n$headers = @{ \"Authorization\" = \"Bearer $cred\" }\n\nInvoke-WebRequest `\n -Method POST `\n -Headers $headers `\n -ContentType: \"application/json; charset=utf-8\" `\n -InFile request.json `\n -Uri \"https://webrisk.googleapis.com/v1/projects/project-id/uris:submit\" | Select-Object -Expand Content\n```\n\nYou should receive a JSON response similar to the following:\n\n```\n{\n \"name\": \"projects/project-number/operations/operation-id\",\n}\n```\n\n### Check the submission status\n\nYou can [check the status of the submission](/web-risk/docs/long-running-operations#get)\nby using the `project-number` and `operation-id` values from the response.\n\n`SUCCEEDED` indicates that the submitted URL was added to the Safe Browsing\nBlocklist.\n\n`CLOSED` indicates that the submitted URL was not detected to violate the Safe\nBrowsing Policies and was not added to the Safe Browsing Blocklist in the last\n24 hours."]]