Architectural Overview¶
When a file upload request is sent to the OData Provider via a projection, the request will be fowarded to the File Storage Service. Once the file is uploaded the File Storage Service will invoke the Scanning API provided by the Virus Scanner solution. Finally, the file will be queued for scanning in the Virus Scanner and a URL will be returned in the HTTP respones to check the status of the file scan.
When a user tries to download the file they can be notified with one of the following Status depending on the result of the scan.
- Scan Pending (HTTP 423 - Locked)
- Scanned - No Threat
- Scanned - Threat Detected (HTTP 423 - Locked)
- Skipping Scannig
Even though a threat is detected, the user is allowed to download upon giving confirmation to the following dialog.
Please note that the Skip Scannig behavior is disabled by default. This behavior is governed by the Allow to skip individual file to scan System Parameter. Refer to the Configure System Parameters page to view all the available configuration for the Virus Scanner.
AV Disabled Behavior¶
If the Virus Scanner is disabled at the time of upload, the scan status will be set to AV Disabled and the file will not be queued for scanning. The file remains in this status even after the Virus Scanner is enabled, unless someone attempts to access the file. When an access is attempted for a file with AV Disabled status while the Virus Scanner is enabled, the file will be queued for scanning (HTTP 423 - Locked) and the scan will be performed before the download can proceed.