Check if an e-mail has been compromised in a hack/paste

Log in to Vote
14
14 Votes • 16 Comments
Searching for "is toothy1234@mailinator.com safe" would return a Yes/No from https://haveibeenpwned.com/API/v2
Source:
• posted 3 years and 14 days ago In Development

Puskin
I'll develop this IA ! This evening you will see a new PR!
posted by Puskin 3 years and 13 days ago Link
javathunderman
Right then. It will be fun to see this working. :)
posted by javathunderman Community Leader3 years and 7 days ago Link
aggrolite
I'll take a crack at it unless anyone objects.

Perhaps "pwned" could be an additional end trigger since this Instant Answer will be using haveibeenpwned.com?
posted by aggrolite 3 years and 13 days ago Link
Puskin
Ooooh I had not read your message!! this IA is all yours ;)
posted by Puskin 3 years and 13 days ago Link
aggrolite
No worries, and thanks. I will keep the thread updated on my progress.
posted by aggrolite 3 years and 13 days ago Link
aggrolite
In hindsight I now realize an end trigger of "pwned" would need to return the opposite answer of "safe". I will play with it and see what makes sense to the user.
posted by aggrolite 3 years and 13 days ago Link
Puskin
I think that "Your mail (is safe)|(has been pwned)" can be Good !
posted by Puskin 3 years and 12 days ago Link
aggrolite
Just updating the thread to say I've been making progress. Just working out kinks as this will be my first Spice plugin. If anyone has any questions or additional suggestions please ping me.
posted by aggrolite 3 years and 12 days ago Link
aggrolite
Hey all...I've run into an issue regarding the API.

According to the documentation, if the given email address has not been compromised, a status of 404 is returned (see: )

When I submit an email that has been "pwned" I receive a status of 200 from the API and I'm able to see my Spice template. But when an email is not "pwned" a status of 404 is returned and Duckpan returns to the main search page with a message of "404 not found"

Any ideas of how I can catch this response before Duckpan just bails out?
posted by aggrolite 3 years and 7 days ago Link
aggrolite
the link to the documentation I meant to include: https://haveibeenpwned.com/API/v2#Respon...
posted by aggrolite 3 years and 7 days ago Link
Puskin
I tried with https://haveibeenpwned.com/api/v2/breach... , as you can see it returns nothing... I think you can check if the page is totally blank!
posted by Puskin 3 years and 6 days ago Link
aggrolite
Right...except when I visit that link in my browser I receive a 404 status.

$ perl -Mojo -E 'say g("https://haveibeenpwned.com/api/v2/breach...")->code'
404
posted by aggrolite 3 years and 6 days ago Link
Puskin
Wich result does the API call returns starting the Spice?
posted by Puskin 3 years and 6 days ago Link
aggrolite
Could you rephrase your question? I'm not sure what you're asking. In the case of an email not being "pwned" the API returns a status of 404. But Duckpan server seems to bail out of a search entirely when a 404 is encountered in any request (or at least in this request).
posted by aggrolite 3 years and 6 days ago Link
anonymous
Maybe a more general pattern: "check <identifier>" or "can I trust ,identifier>", where <identifier>" could be an email address, a web site, a 'phone number - heck, even an investment company or double glazing seller!
posted by <hidden> • 2 years and 4 months ago Link
anonymous
Hey!

Any update on this cool IA? I can lend a hand if it is on development :)
posted by <hidden> • 1 year and 2 months ago Link