> I assumed that Firefox periodically downloaded something from Google that let Firefox check a given URL against a list of known-bad hashes.
Yes, that's basically how it works. Firefox periodically downloads a database of blocked URLs. Before loading a web page, it checks this database. If the check is negative then Firefox displays the page normally. If the check is positive, Firefox will also send a hashed URL to the Safe Browsing server to double-check whether to block the page or not.
This page has more documentation, including a link to the API specification:
Yes, that's basically how it works. Firefox periodically downloads a database of blocked URLs. Before loading a web page, it checks this database. If the check is negative then Firefox displays the page normally. If the check is positive, Firefox will also send a hashed URL to the Safe Browsing server to double-check whether to block the page or not.
This page has more documentation, including a link to the API specification:
https://support.mozilla.org/en-US/kb/how-does-phishing-and-m...