{"id":7269,"library":"google-cloud-webrisk","title":"Google Cloud Web Risk Python Client","description":"The `google-cloud-webrisk` library is the official Python client for the Google Cloud Web Risk API (current version 1.21.0). This service allows applications to check URLs against Google's continually updated lists of unsafe web resources, including phishing, malware, and unwanted software sites, to protect users and prevent the spread of harmful content. Google Cloud client libraries are actively maintained and receive regular updates to support new API features and bug fixes.","status":"active","version":"1.21.0","language":"en","source_language":"en","source_url":"https://github.com/googleapis/google-cloud-python/tree/main/packages/google-cloud-webrisk","tags":["google cloud","security","webrisk","safe browsing","url analysis","threat detection","gcp"],"install":[{"cmd":"pip install google-cloud-webrisk","lang":"bash","label":"Install stable version"}],"dependencies":[{"reason":"Provides core Google API client functionality, including authentication, retries, and API calls.","package":"google-api-core","optional":false},{"reason":"Used for protobuf message serialization and deserialization.","package":"proto-plus","optional":false}],"imports":[{"symbol":"WebRiskServiceClient","correct":"from google.cloud.webrisk_v1 import WebRiskServiceClient"},{"symbol":"ThreatType","correct":"from google.cloud.webrisk_v1 import ThreatType"},{"note":"Types are directly available under the `_v1` namespace for convenience.","wrong":"from google.cloud.webrisk_v1.types import SearchUrisRequest","symbol":"SearchUrisRequest","correct":"from google.cloud.webrisk_v1 import SearchUrisRequest"}],"quickstart":{"code":"import os\nfrom google.cloud import webrisk_v1\nfrom google.cloud.webrisk_v1 import WebRiskServiceClient, ThreatType\n\ndef search_uri(uri: str, threat_types: list[ThreatType]) -> dict:\n    \"\"\"Checks whether a URI is on a given threatList.\"\"\"\n    client = WebRiskServiceClient()\n    request = webrisk_v1.SearchUrisRequest(\n        uri=uri,\n        threat_types=threat_types,\n    )\n    response = client.search_uris(request=request)\n    return response.threat.to_dict() if response.threat else {\"threatTypes\": []}\n\nif __name__ == \"__main__\":\n    # Ensure GOOGLE_APPLICATION_CREDENTIALS is set, e.g.:\n    # export GOOGLE_APPLICATION_CREDENTIALS=\"/path/to/your/keyfile.json\"\n    # or use `gcloud auth application-default login`\n    # The client library will automatically find credentials if set.\n\n    test_uri_safe = \"http://example.com\"\n    # This is a known test URI for malware from Google Safe Browsing.\n    test_uri_unsafe = \"http://testsafebrowsing.appspot.com/s/malware.html\"\n\n    threat_types_to_check = [\n        ThreatType.MALWARE,\n        ThreatType.SOCIAL_ENGINEERING,\n        ThreatType.UNWANTED_SOFTWARE,\n    ]\n\n    print(f\"Checking safe URI: {test_uri_safe}\")\n    result_safe = search_uri(test_uri_safe, threat_types_to_check)\n    print(f\"Result for {test_uri_safe}: {result_safe}\")\n\n    print(f\"\\nChecking unsafe URI: {test_uri_unsafe}\")\n    result_unsafe = search_uri(test_uri_unsafe, threat_types_to_check)\n    print(f\"Result for {test_uri_unsafe}: {result_unsafe}\")","lang":"python","description":"This quickstart demonstrates how to instantiate the WebRiskServiceClient and use the `search_uris` method to check a URL against various threat lists (MALWARE, SOCIAL_ENGINEERING, UNWANTED_SOFTWARE). It shows examples for both a safe and a known unsafe URI. Ensure your Google Cloud credentials are set up for the client to authenticate automatically."},"warnings":[{"fix":"Set `GOOGLE_APPLICATION_CREDENTIALS` to a service account key JSON file or run `gcloud auth application-default login`.","message":"Authentication is required for all Google Cloud client library operations. Ensure `GOOGLE_APPLICATION_CREDENTIALS` environment variable is set or your environment is authenticated via `gcloud auth application-default login`.","severity":"gotcha","affected_versions":"All"},{"fix":"Contact Google Cloud Sales or your customer engineer to request allowlist access for your project if you need to use `submit_uri`.","message":"The `submit_uri` method (for reporting suspicious URLs) is restricted to allowlisted projects only during Early Access. Attempts from non-allowlisted projects will fail.","severity":"breaking","affected_versions":"All (current API behavior)"},{"fix":"Upgrade your Python environment to version 3.9 or higher.","message":"The Web Risk API client library officially supports Python 3.9 and newer. Older Python versions (3.8 and below) are unsupported.","severity":"gotcha","affected_versions":"<= 3.8"},{"fix":"Adhere to the Web Risk API Terms of Service, specifically regarding data redistribution limitations.","message":"Information returned by the Web Risk API must not be redistributed. Always refer to the official documentation for usage restrictions.","severity":"gotcha","affected_versions":"All"},{"fix":"Configure appropriate log handling and access controls for any stored logs to prevent exposure of sensitive data. Do not rely on log message immutability.","message":"The client library uses standard Python logging functionality, and logs may contain sensitive information. Access to these logs should be restricted.","severity":"gotcha","affected_versions":"All"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Ensure the `GOOGLE_APPLICATION_CREDENTIALS` environment variable points to a valid service account key file, or use `gcloud auth application-default login` for local development. Alternatively, explicitly pass credentials to the client constructor.","cause":"The application failed to find valid Google Cloud authentication credentials in the environment.","error":"google.auth.exceptions.DefaultCredentialsError: Could not automatically determine credentials. Please set GOOGLE_APPLICATION_CREDENTIALS or provide a Google Cloud project ID."},{"fix":"Verify that your Google Cloud project has been allowlisted for the Web Risk Submission API. If not, only the `search_uris` method is generally available. Double-check the API endpoint and method signature in your code.","cause":"Attempted to use the `submit_uri` method without the project being allowlisted for Early Access, or incorrect API endpoint/version used.","error":"404 Not Found: POST https://webrisk.googleapis.com/v1/projects/YOUR_PROJECT_ID/submissions:create: Method not found."},{"fix":"Change your import statement to `from google.cloud.webrisk_v1 import WebRiskServiceClient`.","cause":"Attempted to import `WebRiskServiceClient` directly from `google.cloud.webrisk` instead of the versioned submodule `google.cloud.webrisk_v1`.","error":"ImportError: cannot import name 'WebRiskServiceClient' from 'google.cloud.webrisk' (/path/to/python/site-packages/google/cloud/webrisk/__init__.py)"}]}