Syntax and options for the HTTP client
March 5, 2024
ID 179884
You can supply one or more options to the sample HTTP client.
Options
The following options are available in the sample HTTP client:
Options for running the sample HTTP client
Option | Description |
|---|---|
| Specifies the address of Kaspersky Scan Engine or a path to the Unix socket. The connection string can be specified with or without quotation marks. If this option is not specified, the default The UNIX sockets are supported only on Linux systems. |
| Specifies the request processing timeout, in milliseconds. |
| Specifies the URL to scan. Only one URL can be specified at a time. |
| Specifies the IP address (IPv4 or IPv6) of the host referred to by a URL. This option can only be used with Specifying an IP address increases the detection rate of Kaspersky Scan Engine. |
| Enables the scanfile mode. |
| Specifies the scan task context. If this option is specified, the request must have the |
| Specifies a path to a file with request headers that were gathered from the HTTP traffic for the scanned object. |
| Specifies a path to a file with response headers that were gathered from the HTTP traffic for the scanned object. |
| Shows the release date of the anti-virus database. You can use this option to check whether |
| Shows the version of KAV SDK. You can use this option to check whether |
| Shows information about the current key file. You can use this option to check whether |
| Shows Help information. |
| Makes an HTTP request in JSON format. |
| Makes an HTTP request to launch the anti-virus database update. Can be used with options |
| Shows the status of the database update process. Can be used with options |
| Gets the accumulated statistics. Can be used with options |
| Clears the accumulated statistics. Can be used with options |
| When making an HTTP request in JSON format, omits objects with the |
| Specifies a cipher suite which must be used for exchange with the kavhttpd service. The following cipher suites are supported in TLS 1.2:
The following cipher suites are supported in TLS 1.3:
By default, the following value is used: |
| Checks if the validity period of a certificate conforms to the current date, based on time zone. By default, checking is not performed. |
| Checks if the subject name of a certificate ( |
| Checks a certificate by a certification path. |
| Specifies a full path to the directory where CA certificates are stored. A certificate from the specified directory is used to check the validity of a TLS certificate and its configuration. In Linux, if this parameter is not specified, the HTTP client uses the following paths:
To use the |
| Specifies a full path to the directory where a CA bundle is stored. The bundle file is used to check the validity of a TLS certificate and its configuration. In Linux, if this parameter is not specified, the HTTP client uses one of the following files (whichever is found first):
|
| Specifies that scanning of objects will be repeated for at least If the argument is not specified, all of the objects will be scanned one time. Otherwise, scanning will be performed for at least the specified seconds. |
| Suppresses scan results.That is, scan results are not displayed. |
| Specifies the number of threads to scan files in parallel. |
| Measures and displays the following:
|
| Specifies the name of the request header field used for authentication. If not specified, the default name |
| Specifies the value of an API token used for authentication. Combine this option with |
| Adds the Combine this option with |
Connection type
Two connection types are supported by the sample HTTP client:
- TCP connection
To use a TCP connection, specify an IP address in the
-soption in the following format: "ip_addr:port". - UNIX socket connection (Linux only)
To use a UNIX socket connection, specify the path to the socket in the
-soption.This is the default option. The default socket file is
/tmp/.kavhttpd.
Timeout
The sample HTTP client uses the value specified in the -t option to determine the scan timeout, similarly to the X-KAV-Timeout header.
The default timeout value is 2000.
If 0 is specified in this option, the timeout is infinite.
Scan mode
The sample HTTP client supports two scan modes, which you can specify by using the -f option:
- scanfile mode (
-f).In this mode, the sample HTTP client passes file paths to Kaspersky Scan Engine, which reads and scans the files.
To send a scan request to a remote computer over a TCP socket, you must specify the paths to the files that you want to scan or the directories that contain these files. You do not have to do that if the sample HTTP client and Kaspersky Scan Engine are located on the same computer.
- scanmemory mode (default).
In this mode, the sample HTTP client passes the file contents to Kaspersky Scan Engine, which scans the contents.
Use only the KAV_SKIP cleaning mode with the scanmemory scan mode. Kaspersky Scan Engine cannot disinfect or delete files in the scanmemory mode.
Scan task context
Kaspersky Scan Engine uses the scan task context to increase the detection rate. Using this option does not affect scanning performance.
It is recommended to use the scan task context in gateway integrations.
Use the following format for the context:
- If the object to scan is received from the Internet, specify the web address of the source, including the protocol.
Example:
http://example.comThe supported protocols are HTTP, HTTPS, and FTP. If the source URL is unknown, it is recommended to use
http://example.comas the scan task context. - If the object to scan is received by email, specify the sender's email address. Use the following format:
[from:%sender_address%].Example:
[from:example@example.com]
If the object is received by email, but the sender's email address is unknown, it is recommended to use [from:test@relay.example] as the scan task context.
The scan task context is applicable to file scanning only. If you specify the scan task context for a URL, it will be ignored.
Request and response headers
Specifying request and response headers that were gathered from HTTP traffic related to the scanned object improves the detection rate. It is recommended to use the request and response headers in gateway integrations.
Information messages
The -b, -v, and -l options can only be used together with the -s, -j, and -t options. If you use them with any other option, kavhttp_client returns an error.
You can use the -b, -v, and -l options to check whether kavhttpd is running.
Scanning files
You can specify one or more files to scan, separating them by a white space. Depending on the scan mode, the sample HTTP client then passes the paths to these files or their contents to Kaspersky Scan Engine.
Also, you can specify a directory where files are stored. All files that are located inside this directory and all its subdirectories will be scanned.
Use the following syntax to scan files in scanfile mode:
./kavhttp_client [-s <ip:port | unix-socket>] [-t <timeout>] [-c <context>] [--req <req_file>] [--resp <resp_file>] -f <file1> [<file2>...] |
Use the following syntax to scan the contents of files in scanmemory mode:
./kavhttp_client [-s <ip:port | unix-socket>] [-t <timeout>] [-c <context>] [--req <req_file>] [--resp <resp_file>] <file1> [<file2>...] |
Scanning URLs
You can specify a URL to scan. If the URL contains spaces or tabs, enclose the URL in quotation marks or make these characters percent-encoded. Similarly, if the URL contains quotation marks ("), make them percent-encoded.
Simultaneous scanning of multiple URLs is not supported. If you specify more than one URL, only the first one will be scanned.
Files cannot be scanned when the -u option is specified. The -u and -f options cannot be used together.
Use the following syntax to scan a URL:
./kavhttp_client [-s <IP:port | unix-socket>] [-t <timeout>] [-i <IP>] -u <URL> |
