Share via


3.1.5.8 Handling Requests to Virus-Infected Resources

When an antivirus system is active and a request is received while the antivirus system is scanning incoming or outgoing documents, the front-end Web server MUST support the behavior specified in this section.

When a request is received and the requested resource is discovered to be infected by the protocol server virus scanner, the front-end Web server responds as follows:

  • If the protocol client is a WebDAV client or a publishing client, as specified in section 2.2.21, and the virus status of the requested resource is not clean, the protocol server MUST return an HTTP response with status code 409 as specified in [RFC2616] section 10.4.10. The protocol server response MUST include an x-virus-infected header with a value that contains virus status information from the virus scanner.

  • If the protocol client is not a WebDAV client or a publishing client as specified in section 2.2.21 and the document is infected, infected and cleanable, deleted by the virus scanner, or the virus scanner timed out, the protocol server responds as follows:

    • The protocol server MUST return an HTTP response with status code 409 as specified in [RFC2616] section 10.4.10.

    • The protocol server MUST include an x-virus-infected header whose value contains virus status information from the virus scanner with the response.

    • The protocol server MUST include a content-location header as specified in [RFC2557] section 4.2. Its value contains the URL of the antivirus status page.<13>

    • The body of the response MUST be an antivirus status page.

  • If the protocol client is not a WebDAV client or a publishing client as specified in section 2.2.21 and the document is cleaned or clean failed, the server MUST redirect the protocol client to an antivirus status page.