Uploading a File for Positive Selection
You can upload a potentially malicious file to Votiro Cloud, where it is queued for positive selection, and then processed. Positive selection policies that dictate how the file is scanned and processed can be set in Votiro Cloud.
Select from the following options when uploading a file for positive selection:
n | Upload - this option requires calling three APIs in the order below: |
a. | Uploading a File for Positive Selection - this is the upload request |
b. | Checking the Status of a Positive Selection Request - this is the check status request called after receiving the requestId from the completed upload request |
c. | Downloading a Processed File - this is the download processed file request called after receiving the status from the check status request |
n | Sync-upload - this option requires calling two APIs in the order below: |
a. | Sync-uploading a File for Positive Selection - this is the sync-upload request. The sync-upload finishes after the file sanitization is done. The response for the sync-upload will be the requestId and status. For example: |
requestId: "58be4846-9c82-4c58-8775-f3a8a935fd5c",
status: "Done"
b. | Downloading a Processed File - this is the download processed file request called after receiving the status from the completed sync-upload request |
Notes
Files up to 2 GB can be uploaded for positive selection.
Uploading 0-byte files is not supported.
Uploading a File for Positive Selection
Upload the file for positive selection with the following command:
POST https://<votiro_appliance>/disarmer/api/disarmer/v4/upload
Sync-uploading a File for Positive Selection
The sync-upload step combines the upload step and the check step of the positive selection process for a file. Upload the file for positive selection with the following command:
POST https://<votiro_appliance>/disarmer/api/disarmer/v4/upload-sync
Request Data
Request URL Parameters
No additional parameters are added to the request URL.
Request Header Parameters
Request header parameters are case sensitive.
Parameter | Description | Type | Required/ Optional |
---|---|---|---|
Authorization | This is the Bearer <token> | string | Required |
Content-Type | Value must be "multipart/form-data" | string | Required |
Notes
n | For creating a token see the Votiro Cloud User Guide, Configuring System Settings. |
n | You can use additional recommended header keys depending on your environment, for example, Host, Accept with value "*/*". |
Request Body
In the request body, supply the content of the file. The content should contain the file's binary data, that is, in the same way it is saved in the user's storage.
Parameter | Description | Type | Required/ Optional |
---|---|---|---|
File | File form-data, including: file name, file length and binary data. | string | Required |
Properties | Values must be associated with keys from the JSON key-value collection. For example:{"key1":"value1"}. Optional Properties include: PolicyName File name of a predefined policy rules collection (also known as named policy). For PolicyName, specify the name of the policy, without any extension. For example, CXO. Note nIf you do not enter a policy name, a default policy is applied. nIf the PolicyName entered does not match a policy set up in Votiro Cloud, the default policy is used. A message will appear in the log. Password Allows positive selection of password-protected archive files with the following file types: PDF, ZIP, 7zip, RAR, DOC, DOCX, DOT, DOTX, DOCM, DOTM, XLS, XLT, XLSX XLTX XLSM, PPT, PPS, POT, PPTX, PPSX, POTX and PPTM. It does not work on other file types that can be protected by a password, such as Visio files. Password will be used only with PolicyName. ChannelType The name of the channel type of connector being used. For ChannelType, specify FileConnector. ChannelId and ChannelName The ChannelId and ChannelName are paired. ChannelId is provided by Votiro and is a unique identifier of the application. ChannelName should be a human readable name, so it can be filtered by the end user (Email, Portal, etc.) Extended request information: User, Groups, Client, Server, From, To, Path are all optional, but reserved words. These attributes are important for monitoring and analytics of our product. Other Key values: Domain, User Agent, URL Category, Application ID, or any other useful information will be populated into a dedicated UI widget. | string | Required; can be empty |
Notes
nWhen using the Password parameter, you must set the Password Protected case policy to Sanitize.
nFor more information, see Managing Positive Selection Policies in the Votiro Cloud User Guide.
Request for Sync-upload
To manage sync-upload requests in your environment, optional content changes to the file can be made to the following:
n | Virtual appliance address |
n | Bearer token |
n | Filepath |
n | Policy Name |
n | Channel Name |
n | Channel ID |
Note
Do not change Channel Type, it must remain as "FileConnector".
For more details and an example of file content changes, see
Request Examples
IMPORTANT!
The example commands use upload. You can also use upload-sync.
n | Posting a password-protected file named Q1Reports.zip. |
POST https://api.votiro.com/disarmer/api/disarmer/v4/upload HTTP/1.1
Host: api.votiro.com
Authorization: Bearer: <Token>
Content-Length: 712692
Content-Type: multipart/form-data; boundary=<Boundary>
<Boundary>
Content-Disposition: form-data; name="File"; filename="<filepath>/Q1Reports.zip"
Content-Type: <Content-Type header here>
(data)
Content-Disposition: form-data; name="Properties"
{"ChannelType":"FileConnector","ChannelId":"30acc6eb-16d9-4133-ae43-0f5b6d40a318","ChannelName":"ChannelFin", "Password":"psWd172","PolicyName":"Default Policy"}
<Boundary>
n | Uploading a PDF file named OrgChart.pdf. |
POST https://api.votiro.com/disarmer/api/disarmer/v4/upload HTTP/1.1
Host: api.votiro.com
Authorization: Bearer: <Token>
Content-Length: 712692
Content-Type: multipart/form-data; boundary=<Boundary>
<Boundary>
Content-Disposition: form-data; name="File"; filename="<filepath>/OrgChart.pdf"
Content-Type: <Content-Type header here>
(data)
Content-Disposition: form-data; name="Properties"
{"ChannelType":"FileConnector","ChannelId":"30acc6eb-16d9-4133-ae43-0f5b6d40a319","ChannelName":"ChannelHR", "PolicyName":"Default Policy"}
<Boundary>
Response Data
Response Parameters
Parameter | Description | Type |
---|---|---|
requestId | Upload request ID. | string (GUID) |
Response Examples
n | Response to an uploaded PDF file using upload command: |
4d6888d1-5ab5-4cf5-9d19-d43f16fd01d8
n | Response to a file uploaded using upload-sync command: |
{
"requestId": "4d6888d1-5ab5-4cf5-9d19-d43f16fd01d8",
"status": "Done"
}
Comments
0 comments
Please sign in to leave a comment.