How to Block Files with HTML Input; Scan Files for Viruses & Malware using C/C++
As cyber-attack vectors continually evolve, it’s more important than ever to increase the breadth of our individual threat detection policies. To that end, multi-threat scanning security APIs help improve your threat profile while reducing the number of requests your application/workflow needs to make in the process. The free-to-use API provided below can check for hidden content threats like HTML input (which can contain cross-site scripting code, malicious scripts, local file access attempts, etc.) while simultaneously scanning files for a growing list of 17 million+ virus and malware signatures. You can set custom policies in the API request body to block (or allow) HTML input along with a variety of other common hidden threat types.
To take advantage of this API using C/C++ code examples, first copy the below snippet to install libcurl in your C/C++ project:
libcurl/7.75.0
Then use the ready-to-run code examples below to structure your request:
CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://api.cloudmersive.com/virus/scan/file/advanced");
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "allowExecutables: <boolean>");
headers = curl_slist_append(headers, "allowInvalidFiles: <boolean>");
headers = curl_slist_append(headers, "allowScripts: <boolean>");
headers = curl_slist_append(headers, "allowPasswordProtectedFiles: <boolean>");
headers = curl_slist_append(headers, "allowMacros: <boolean>");
headers = curl_slist_append(headers, "allowXmlExternalEntities: <boolean>");
headers = curl_slist_append(headers, "allowInsecureDeserialization: <boolean>");
headers = curl_slist_append(headers, "allowHtml: <boolean>");
headers = curl_slist_append(headers, "restrictFileTypes: <string>");
headers = curl_slist_append(headers, "Content-Type: multipart/form-data");
headers = curl_slist_append(headers, "Apikey: YOUR-API-KEY-HERE");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_mime *mime;
curl_mimepart *part;
mime = curl_mime_init(curl);
part = curl_mime_addpart(mime);
curl_mime_name(part, "inputFile");
curl_mime_filedata(part, "/path/to/file");
curl_easy_setopt(curl, CURLOPT_MIMEPOST, mime);
res = curl_easy_perform(curl);
curl_mime_free(mime);
}
curl_easy_cleanup(curl);
To use this solution for free, you’ll just need to supply a free-tier API key in the API key authorization header (this can be retrieved on the Cloudmersive website & allows a limit of 800 API calls per month and no additional commitment).