virustotal.LookupURLsFilter fails if URLs are longer than 2000 chars

Question

virustotal.LookupURLsFilter fails if URLs are longer than 2000 chars

ivanlei opened this issue 10 years ago · 1 comments

As the resource parameter in {{url/report}} VirusTotal method is send over HTTP GET it encodes the parameters in a URL query.

This could cause for some of the requests an erroneous situation where the resource parameter could not fit into the URL.

There is a debug output in {{osxcollector/output_filters/util/http.py}} that prints the URL for each request.
For the failed requests the URL seems to not contain any query parameters:

[ERROR] url[https://www.virustotal.com/vtapi/v2/url/report] status_code[<UNKNOWN>]
https://www.virustotal.com/vtapi/v2/url/report
[ERROR] url[https://www.virustotal.com/vtapi/v2/url/report] status_code[<UNKNOWN>]
https://www.virustotal.com/vtapi/v2/url/report
[ERROR] url[https://www.virustotal.com/vtapi/v2/url/report] status_code[<UNKNOWN>]
https://www.virustotal.com/vtapi/v2/url/report

So it rather looks like some limitation in the Requests package than some shortcoming of VirusTotal API.

Answer 1 · 2015-12-17T19:13:50.000Z

Migrated to Yelp/osxcollector_output_filters#2