I am building a batch upload process for Google Drive. I have been trying to confirm that all files upload via the API are also scanned for viruses and malware, but can not find any documentation on this. Does anyone know if 1: All files are scanned, 2: if there is a API call to get the scan results or if a standard error is cast back if a file is infected? IF you can point me to any documentation on this would be fantastic.
-Eg
You can use the EICAR virus test string to understand how Drive behaves with viruses. Here's a globally shared file named eicar.exe which is nothing more than a harmless string but which Google Drive's scan on download will detect as a virus.
You'll notice that:
Attempts to download my file with files.get(alt=media) will fail with "403: Only the owner can download abusive files."
Attempts to files.copy() my file into your own Drive will succeed. (This is a nice workaround when the file is not accessible with files.get() for various reasons).
Attempts to files.get(alt=media, acknowledgeAbuse=true) YOUR copy of the file should succeed.
So to answer your original question, you should be able to follow a files.insert() with a files.get(acknowledgeAbuse=false) to determine if Drive thinks your new file is a Virus (watch for the 403 abuse response).
Be aware that like all Antivirus services, Google is constantly updating it's virus definitions so a file that was not detected as a virus (false negative) may be detected as a virus at a later time and a file that was wrongly detected as a virus (false positive) may no longer be detected as a virus in the future.
Virus scanning: Google Drive scans a file for viruses before the file
is downloaded or shared. If a virus is detected, users can't share the
file with others, send the infected file via email, or convert it to a
Google Doc, Sheet, or Slide, and they'll receive a warning if they
attempt these operations. The owner can download the virus-infected
file, but only after acknowledging the risk of doing so.
Seen here
I'm pretty sure it's not an exposed part of the Drive API though. If you want to implement your own, you'll have to find a different API (maybe this?) to scan your files prior to uploading it to Drive.
Related
Good day
My problem i added the google drive api to get for files larger than 100mb no virus warning message from google drive
without google api its like this warning after clicking the link
https://drive.google.com/uc?export=download&id=1DyXunnAetC9Xc8Ur0poTmLWo7Yo3DylZ
i want the download without that warning message i mean a direct download
so i created an api and created an direct download link over this site
https://www.wonderplugin.com/online-tools/google-drive-direct-link-generator/
what i get is this
https://www.googleapis.com/drive/v3/files/11KPre5Rr3i9jqUr2QdlS-98Kl4wuaW6Z?alt=media&key=AIzaSyBybF13v7u-zXnruCs6uJ9I1QxoDFe0miw
it works correctly the warning message is bypassed but the name of the file is also changed to the file id this would look for customers of my cloud really scary like a virus and not like a apk file or something
so what i want is that the file name will be displayed by downloading and not something crazy like 037eugd98zr9u2dßih9ud237
without api the warning apears but the download file has the file name and not the ß30ru329fie2hfe crazy name :D
can someone help me?
I have read Google Drive API documentation but I'm not able to understand the following:
Can files and folder be created and modified on drive in background of app?
My application needs working of drive in background.
For Files:
If you will check "Working with File Contents":
Lifecycle of a Drive file
The Drive Android API lets your app access files even if the device is offline. To support offline cases, the API implements a sync engine, which runs in the background to upstream and downstream changes as network access is available and to resolve conflicts.
Check this image from the document.
The lifecycle of a DriveFile object:
Perform an initial download request if the file is not yet synced to the local context but the user wants to open the file. The API handles this automatically when a file is requested.
Open the contents of a file. This creates a temporary duplicate of the file's binary stream which is only available to your application.
Read or modify the file contents, making changes to the temporary duplicate.
Commit or discard any file content changes that have been made.
If there are changes, the file contents are queued for upload to sync them back to the server.
Google API does support running in background. For folders there is no documentation regarding creating of folder can be done in background, but I think same implementation can be done.
I hope this helps.
I have a log server, where users upload archives and view their content online when needed. Currently the server unzips files, right after receiving them. Unfortunately, my peers consumed all the drive space I had. I can free up a lot of space, if there's a way of storing ZIP archives, but feeding them to users as HTML page (same as default Apache's file browser).
I know there are solutions relying on JS, like:
http://gildas-lormeau.github.io/zip.js/demos/demo2.html
https://stuk.github.io/jszip/
or I can unzip them on demand at server side and provide link to a temporary folder. However, some time ago I've heard a browser can view an archive content if proper headers are sent from Apache/nginx. Apache's mod-deflate doesn't help much here and I can't find other docs - perhaps it's not possible after all?
Cheers.
I received a virus warning when trying to download a compressed .net application folder from Google Drive.
I uploaded the file originally and have scanned it locally and it is virus free.
Using virustotal.com I was able to narrow down the files causing the failure. Both are resource dlls. It is the Resources.resources.dll (English and Spanish versions). However, when I scan the original files prior to publication, all are clean.
Each time, it is Commtouch and F-Prot that find the virus.
What would cause this and how do I fix it?
For anyone interested, Google has created a feature request to allow an admin to permit flagged files for download. This means, if we know it is safe and getting a false positive we can ignore the issue.
It isn't ideal, but at least it allows for this collaboration.
Is it possible for a website to automatically find a folder on usb stick and upload all the files in it to the web server by clicking only one button?
The problem is that I don't know how to make upload form automatically detect usb stick as the drive name(ie. G:, F:, etc) may vary from computer to computer, so hard coding path is not possible.
Ps. I'm using yii framework for site development, but can add a new page that will handle this in any other language as the client really wants this feature.
Web sites are not allowed to set default files to upload (it's a major security risk!). Also, web sites cannot scan the hard drive/enumerate what file systems exist on a system, again, for security purposes.
It might be possibly to do this with Flash/Silverlight/Java. Java seems the most likely to allow a web developer to do this (Java plugin seems to be quite willing to give out every permission under the Sun).
Short answer: No.
Long answer: Allowing automatic uploads in web browsers would be a huge security hole so the browsers intentionally prevent it. Even if you manage to find a hole that permits it, the browser makers will break it as soon as they find out.
However, if you have an environment where an actual separate program can be installed on the end user's computer you could easily write a program to do automated uploads of specified directories when launched.