Request headers

An HTTP request, using the POST method, to Kaspersky Scan Engine must include the Content-Length header.

When making an HTTP request, there are three request headers specific to Kaspersky Scan Engine that you can set:

• X-KAV-ProtocolVersion

  This header specifies the KAV protocol version used. This header is mandatory.

• X-KAV-Timeout

  This header specifies a scanning operation timeout in milliseconds (but not a session timeout). This header is optional.

  This header takes values ranging from 0 to 4294967295 (unsigned 32-bit integer value). Set the value based on the characteristics of the object to scan (for example, its size or whether it is multipart or not; Kaspersky Scan Engine takes longer to scan a large multipart object).

  For more information about a scanning timeout and a session timeout, see section "Setting the session timeout".

• X-KAV-ObjectURL

  This header contains the scan task context that Kaspersky Scan Engine uses to increase the detection rate. This header is optional.

  The use of this header does not affect scanning performance.

  We recommend that you use the scan task context in gateway integrations.

  Use the following format for the context:

  • If the object to scan is received from the web, specify the web address of origin, including the protocol, for example:

    http://example.com

    The supported protocols are HTTP, HTTPS, and FTP.

    If the URL is unknown, we recommend to use http://example.com as the scan task context.

  • If the object to scan was received by email, specify the sender's email address in the following format: [from:%sender_address%], for example:

    [from:example@example.com]

    If the sender's email address is unknown, we recommend that you use [from:test@relay.example] as the scan task context.

  Scan task context is only applicable to file and memory scanning. If you specify scan task context for a URL, it will be ignored.

Page top