Skip to content

Scan a file for malware

Files uploaded to the server over 100 MB are scanned automatically.

Once a file is scanned, you can check the malwareScanStatus field in the response body.

The malware scanner status of the file. CLEAN files have been scanned. UNSCANNED files have not yet been scanned, typically because they have been recently uploaded. INFECTED files have been scanned and found to contain malware. Downloads of infected files will be blocked by File service by not returning a download URL from GET file endpoints; similarly, requests to copy will be blocked. Clients may override this block by appending a force=true query parameter to the URL. Files over 100 MiB will not be automatically scanned; instead, they will be marked as CANNOT_SCAN. However, clients may manually request that such files be scanned using the manual request scan endpoints. SCAN_FAILED is for files where scanning was attempted, but failed in the backend. This shouldn’t normally happen, but in case it does, clients may manually request the scan again.

If files are flagged as infected, they are stored for 30 days in quarantine and are then permanently deleted. You may temporarily access quarantined files using the information above in order to investigate and improve the security of your application for the future.