Antivirus
Purpose¶
Provides antivirus methods.
Methods¶
Binding name: p6.antivirus
scan (inputstream)¶
New Feature
Since 6.9.2
Execute an antivirus scan on an inputstream and returns if the file is clean.
Syntax
boolean p6.antivirus.scan(InputStream stream)
Warning
To perform the antivirus scan, the stream will be read.
If you need to consume the stream after the scan, you will need to:
- reset the stream (using
reset()) ifmarkSupported()is true on the stream. - or read the stream from the source again.
Example
new File('p6file:/opt/p6core.data/path/to/file.pdf').newInputStream().withCloseable { stream ->
if (p6.antivirus.scan(stream)) {
p6.log.debug 'File is clean'
// Reset the stream so it can be consumed again after the scan
if (stream.markSupported()) {
stream.reset()
}
// Continue processing the stream...
} else {
p6.log.warn 'Threat detected! File will be deleted or quarantined depending on config'
}
}
scan (file)¶
New Feature
Since 6.9.2
Read the content of the file, execute the scan and returns if the file is clean.
Syntax
boolean p6.antivirus.scan(String uri)
Example
if (p6.antivirus.scan('p6file:/opt/p6core.data/path/to/file.pdf')) {
p6.log.debug 'File is clean'
} else {
p6.log.warn 'Threat detected! File will be deleted or quarantined depending on config'
}
enabled¶
New Feature
Since 6.10.24
Returns whether an antivirus engine is active on the instance.
When antivirus.engine=none (or unset), virus scanning is disabled and scan(...) always
returns true (clean). Use enabled() to tell “scanning is disabled” apart from “file scanned
and clean” — for example to log that a scan was skipped and continue, without reading the
platform configuration yourself.
Syntax
boolean p6.antivirus.enabled()
Example
if (!p6.antivirus.enabled()) {
p6.log.info 'Antivirus disabled — skipping virus scan'
} else if (p6.antivirus.scan('p6file:/opt/p6core.data/path/to/file.pdf')) {
p6.log.debug 'File is clean'
} else {
p6.log.warn 'Threat detected!'
}
Antivirus¶
By default, there is no antivirus installed on the instance. You can configure one according to the antivirus configuration.
Warning
If antivirus.engine=none all the scanned files are considered clean.
Use enabled() to detect this case and skip scanning explicitly.
If a file is detected as corrupted, according to antivirus.action the file will be:
Delete mode (default)
Corrupted files are deleted. No recovery possible.
Quarantine mode
Corrupted files are moved to ${P6_DATA}/resources/quarantine with a unique name.
A report file will be created having the same name and suffixed by -metadata.txt.
Report example
Original file: /opt/p6.data/resources/path/to/currupted.file
Scan date: 2023-04-19T15:30:31.524340Z
Report: Virus XXX detected
Ignore mode
Corrupted files are just mentioned in the log. No action will be done.
Warning
This mode is not recommended and should be used on purpose.