Open in app

Sign in

Write

Sign in

How to Detect Documents with OLE Embedded Links and Objects using JavaScript

Cloudmersive
2 min readJun 28, 2023

--

The object linking and embedding feature found in Office documents can be exploited by threat actors as a way to spread malware and viruses. Given how common Office documents are — and how innocuous embedded objects and links can appear in those documents — there’s a serious risk that downstream document viewers will access this content and trigger remote code execution.

Using the below JavaScript code, you can take advantage of a free-to-use API which automatically detects OLE content within a document, reporting its findings in the API response body (via the “ContainsOleEmbeddedObject” Boolean). This API simultaneously checks files for millions of virus and malware threats, providing 360-degree content protection in a single request.

To structure your API call, copy the below code and provide a free-tier Cloudmersive API key to authenticate your request:

var data = new FormData();
data.append("inputFile", fileInput.files[0], "file");
 
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function() {
     if(this.readyState === 4) {
          console.log(this.responseText);
     }
});

xhr.open("POST", "https://api.cloudmersive.com/virus/scan/file/advanced");
xhr.setRequestHeader("allowExecutables", "<boolean>");
xhr.setRequestHeader("allowInvalidFiles", "<boolean>");
xhr.setRequestHeader("allowScripts", "<boolean>");
xhr.setRequestHeader("allowPasswordProtectedFiles", "<boolean>");
xhr.setRequestHeader("allowMacros", "<boolean>");
xhr.setRequestHeader("allowXmlExternalEntities", "<boolean>");
xhr.setRequestHeader("allowInsecureDeserialization", "<boolean>");
xhr.setRequestHeader("allowHtml", "<boolean>");
xhr.setRequestHeader("restrictFileTypes", "<string>");

xhr.setRequestHeader("Apikey", "YOUR-API-KEY-HERE");

xhr.send(data);

The API response will look something like this:

{
  "CleanResult": true,
  "ContainsExecutable": true,
  "ContainsInvalidFile": true,
  "ContainsScript": true,
  "ContainsPasswordProtectedFile": true,
  "ContainsRestrictedFileFormat": true,
  "ContainsMacros": true,
  "ContainsXmlExternalEntities": true,
  "ContainsInsecureDeserialization": true,
  "ContainsHtml": true,
  "ContainsUnsafeArchive": true,
  "ContainsOleEmbeddedObject": true,
  "VerifiedFileFormat": "string",
  "FoundViruses": [
    {
      "FileName": "string",
      "VirusName": "string"
    }
  ],
  "ContentInformation": {
    "ContainsJSON": true,
    "ContainsXML": true,
    "ContainsImage": true,
    "RelevantSubfileName": "string"
  }
}

Just like that, you’ll get excellent protection for your file uploads and downloads in a single API request.

API
Virus Scan
Embedded Links
Cybersecurity
JavaScript

--

--

Cloudmersive
Cloudmersive

Written by Cloudmersive

669 Followers
10 Following

There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams