NAV Navigation
Shell HTTP JavaScript Ruby Python PHP Java Go

Asynchronous API v1.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Please note this API is only available if you have deployed and configured MongoDB with the Glasswall Halo

Authentication

Glasswall Halo Async

Endpoints supporting the inspection and rebuilding of documents through Glasswall Halo asynchronously.

Processes the supplied document in base64 format using Glasswall Halo asynchronously.

Code samples

# You can also use wget
curl -X POST /api/v1/cdr-async \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Session-Id: string'
POST /api/v1/cdr-async HTTP/1.1

Content-Type: application/json
Accept: application/json
X-Session-Id: string
const inputBody = '{
"base64": "ZG9jdW1lbnQgY29udGVudA==",
"fileName": "test-file.pdf",
"password": null
}';
const headers = {
'Content-Type':'application/json',
'Accept':'application/json',
'X-Session-Id':'string'
};

fetch('/api/v1/cdr-async',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'

headers = {
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'X-Session-Id' => 'string'
}

result = RestClient.post '/api/v1/cdr-async',
params: {
}, headers: headers

p JSON.parse(result)
import requests
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'X-Session-Id': 'string'
}

r = requests.post('/api/v1/cdr-async', headers = headers)

print(r.json())
<?php

require 'vendor/autoload.php';

$headers = array(
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'X-Session-Id' => 'string',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array();

try {
$response = $client->request('POST','/api/v1/cdr-async', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}

// ...
URL obj = new URL("/api/v1/cdr-async");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main

import (
"bytes"
"net/http"
)

func main() {

headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
"X-Session-Id": []string{"string"},
}

data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "/api/v1/cdr-async", data)
req.Header = headers

client := &http.Client{}
resp, err := client.Do(req)
// ...
}

POST /api/v1/cdr-async

When submitting a document to Glasswall Halo, the required policy settings can optionally be provided, either in the form of specifying a ‘named policy’ or providing a ‘dynamic policy’. A ‘named policy’ can be specified by setting the policyName query parameter. If the specified policy does not exist, then a 404 error will be returned. A ‘dynamic policy’ can be specified in the body of the request by setting the ContentManagementPolicyDetail property. The schema defining the format for the policy settings can be retrieved from the cdr-policy/spec endpoint. If an invalid policy is submitted a 400 error will be returned. As this API processes the given file through Glasswall Halo asynchronously, it will return the “transactionId” for reference.

Body parameter

No policy specified, so the product’s default policy will be applied.

{
"base64": "ZG9jdW1lbnQgY29udGVudA==",
"fileName": "test-file.pdf",
"password": null
}

Parameters

Name In Type Required Description
body body CdrRequestBody true none
policyName query QueryPolicyName false Specifies the named policy to be applied during Glasswall Halo processing. Alternatively a ‘dynamic policy’ can be provided in the message body. If no policy is specified then the default policy is applied.
response-content query string false Defines the output required for the request and depending on the value will determine what Glasswall Halo will do to your file.
format query QueryReportFormat false Controls the format of the analysis report
return-executable-file query QueryReturnExecutableFile false Allow the processing of software file types that are structurally fixed but not cleaned. If set to false then rebuilt executable files are not returned (even if they are found to contain no issues)
X-Session-Id header QuerySessionId false A Guid that can be used to group requests in reports.

Detailed descriptions

response-content: Defines the output required for the request and depending on the value will determine what Glasswall Halo will do to your file.
Available values: noAnalysisReport, noRebuiltFile.
Multiple values can be provided in a comma seperated list.
If you set noAnalysisReport you will just receive the rebuilt file (Rebuild Mode). If you set noRebuiltFile you will receive the analysis report (Analysis Mode). If you set noRebuiltFile,noAnalysisReport you will receive the file type as a response header (File Type Detection). Leaving this value blank you will receive both the analysis and rebuilt file along with the file type in the header (Composite Mode), this is the default behaviour.

Enumerated Values

Parameter Value
format XML
format JSON

Example responses

202 Response

{
"transactionId": "75906707-8c31-479c-b354-aa805c4cefbc"
}

404 Response

{
"errors": [
{
"errorCode": 4000,
"errorDescription": "Policy 'testpolicy' was not found"
}
]
}

5XX Response

{
"errors": [
{
"errorCode": 44406,
"errorDescription": "Unable to connect to the database"
}
]
}

Responses

Status Meaning Description Schema
202 Accepted The asynchronous Glasswall Halo request is accepted. CDRAsyncAcknowledgement
401 Unauthorized Unauthorized None
404 Not Found Specified policy not found CdrErroredBody
5XX Unknown Processing error CdrErroredBody

Response Headers

Status Header Type Format Description
202 x-applied-policy string Identifies the policy applied during Glasswall Halo processing.
202 Cache-Control string Prevent sensitive information from being cached.
202 Content-Security-Policy string To protect against drag-and-drop style clickjacking attacks.
202 Content-Type string Indicates the response content type
202 Strict-Transport-Security string Uses a week long max-age to prevent any communications from being sent to this domain over HTTP
202 X-Content-Type-Options string To prevent browsers from performing MIME sniffing, and inappropriately interpreting responses as HTML.
202 X-Frame-Options string To protect against drag-and-drop style clickjacking attacks.

Retrieves the result of the request that was made asynchronously

Code samples

# You can also use wget
curl -X GET /api/v1/cdr-async/{transactionId} \
-H 'Accept: application/json'
GET /api/v1/cdr-async/{transactionId} HTTP/1.1

Accept: application/json

const headers = {
'Accept':'application/json'
};

fetch('/api/v1/cdr-async/{transactionId}',
{
method: 'GET',

headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'

headers = {
'Accept' => 'application/json'
}

result = RestClient.get '/api/v1/cdr-async/{transactionId}',
params: {
}, headers: headers

p JSON.parse(result)
import requests
headers = {
'Accept': 'application/json'
}

r = requests.get('/api/v1/cdr-async/{transactionId}', headers = headers)

print(r.json())
<?php

require 'vendor/autoload.php';

$headers = array(
'Accept' => 'application/json',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array();

try {
$response = $client->request('GET','/api/v1/cdr-async/{transactionId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}

// ...
URL obj = new URL("/api/v1/cdr-async/{transactionId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main

import (
"bytes"
"net/http"
)

func main() {

headers := map[string][]string{
"Accept": []string{"application/json"},
}

data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "/api/v1/cdr-async/{transactionId}", data)
req.Header = headers

client := &http.Client{}
resp, err := client.Do(req)
// ...
}

GET /api/v1/cdr-async/{transactionId}

Retrieves the result of the request that was made asynchronously

Parameters

Name In Type Required Description
transactionId path CDRAsyncTransactionId true TransactionID that corresponds to an asynchronous request

Example responses

200 Response

{
"transactionId": "55cac2bf-d9e1-42cd-b163-30982660fe79",
"processingStatus": "rebuilt",
"fileType": "pdf",
"analysisReport": {
"content": "YW5hbHlzaXMgcmVwb3J0",
"contentType": "application/json",
"contentEncoding": "base64"
},
"rebuiltFile": {
"content": "cmVidWlsdCBmaWxl",
"contentType": "application/octet-stream",
"contentEncoding": "base64"
}
}

206 Response

{
"errorReason": "Failed to rebuild file",
"transactionId": "55cac2bf-d9e1-42cd-b163-30982660fe79",
"processingStatus": "failed",
"fileType": "pdf",
"analysisReport": {
"content": "YW5hbHlzaXMgcmVwb3J0",
"contentType": "application/json",
"contentEncoding": "base64"
}
}

400 Response

{
"errors": [
{
"errorCode": 44400,
"errorDescription": "Format 'Base64' was requested, but transaction has encoding 'Binary'. Please use the provided endpoint for this encoding."
}
]
}

404 Response

{
"errors": [
{
"errorCode": 44404,
"errorDescription": "Unable to find the transactionId"
}
]
}

410 Response

{
"errors": [
{
"errorCode": 44401,
"errorDescription": "Transaction has been cleaned up in accordance to data retention"
}
]
}

500 Error returned if unable to connect to the database

{
"Errors": [
{
"ErrorCode": 4406,
"ErrorDescription": "Unable to connect to the database"
}
]
}

500 Error returned if unable to retrieve file from storage

{
"Errors": [
{
"ErrorCode": 44405,
"ErrorDescription": "Unable to determine if file exists"
}
]
}

500 Error returned if file errored on rebuild

{
"Errors": [
{
"ErrorCode": 5002,
"ErrorDescription": "Unable to rebuild file"
}
]
}

500 Error returned if license is unavailable

{
"Errors": [
{
"ErrorCode": 5002,
"ErrorDescription": "No license was set within the engine"
}
]
}

Responses

Status Meaning Description Schema
200 OK The asynchronous Glasswall Halo request is completed with the status of “rebuilt”. Rebuilt file and Analysis report are returned. CdrAsyncCompleteBody
204 No Content The asynchronous request is still in progress None
206 Partial Content The asynchronous request is completed with the status of “failed”. Analysis report is returned. CdrAsyncPartialBody
400 Bad Request Wrong GET endpoint used CdrErroredBody
401 Unauthorized Unauthorized None
404 Not Found Specified transactionId not found CdrErroredBody
410 Gone Asynchronous results for this transaction are no longer available and have been cleaned up in accordance with data retention CdrErroredBody
5XX Unknown Processing error CdrErroredBody

Response Headers

Status Header Type Format Description
200 Cache-Control string none
200 Content-Security-Policy string none
200 Content-Type string none
200 Strict-Transport-Security string none
200 X-Content-Type-Options string none
200 X-Frame-Options string none
200 x-filereputation-responsecode string Response code returned from the file reputation service
200 x-filereputation-status string Response status from the file reputation service.
200 x-filereputation-threatname string Malware family name if file is detected as Malicious or Suspicious
200 x-filereputation-threatlevel string Threat level for the file hash. 0 indicates no threat; 1 is the lowest threat severity; 5 is the highest threat value
200 x-filereputation-trustlevel string Trust factor value for the file hashes detection results. 0 is the most trusted, 5 is the least trusted.
206 x-filereputation-responsecode string Response code returned from the file reputation service
206 x-filereputation-status string Response status from the file reputation service.
206 x-filereputation-threatname string Malware family name if file is detected as Malicious or Suspicious
206 x-filereputation-threatlevel string Threat level for the file hash. 0 indicates no threat; 1 is the lowest threat severity; 5 is the highest threat value
206 x-filereputation-trustlevel string Trust factor value for the file hashes detection results. 0 is the most trusted, 5 is the least trusted.
5XX x-filereputation-responsecode string Response code returned from the file reputation service
5XX x-filereputation-status string Response status from the file reputation service.
5XX x-filereputation-threatname string Malware family name if file is detected as Malicious or Suspicious
5XX x-filereputation-threatlevel string Threat level for the file hash. 0 indicates no threat; 1 is the lowest threat severity; 5 is the highest threat value
5XX x-filereputation-trustlevel string Trust factor value for the file hashes detection results. 0 is the most trusted, 5 is the least trusted.

Processes the uploaded file in binary format using the Glasswall Halo asynchronously.

Code samples

# You can also use wget
curl -X POST /api/v1/cdr-file-async \
-H 'Content-Type: multipart/form-data' \
-H 'Accept: application/json' \
-H 'X-Session-Id: string' \
-H 'password: null'
POST /api/v1/cdr-file-async HTTP/1.1

Content-Type: multipart/form-data
Accept: application/json
X-Session-Id: string
password: null
const inputBody = '{
"file": "string",
"ContentManagementPolicy": "{\"ContentManagementFlags\":{\"PdfContentManagement\":{\"Acroform\":1,\"ActionsAll\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Javascript\":1,\"Metadata\":1,\"Watermark\":\"\",\"DigitalSignatures\":1,\"ValueOutsideReasonableLimits\":1,\"RetainExportedStreams\":1},\"WordContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ExcelContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1, \"Connections\":1},\"PowerPointContentManagement\":{\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ArchiveConfig\":{\"bmp\":1,\"doc\":1,\"docx\":1,\"emf\":1,\"gif\":1,\"jpg\":1,\"wav\":1,\"elf\":1,\"pe\":1,\"mp4\":1,\"mpg\":1,\"pdf\":1,\"png\":1,\"ppt\":1,\"pptx\":1,\"tif\":1,\"wmf\":1,\"xls\":1,\"xlsx\":1,\"mp3\":1,\"rtf\":1,\"coff\":1,\"macho\":1,\"svg\":1,\"webp\":1,\"unknown\":1},\"SvgConfig\":{\"ForeignObjects\":1,\"Hyperlinks\":1,\"Scripts\":1},\"WebpConfig\":{\"Metadata\":1},\"TiffConfig\":{\"GeoTiff\":1}}}"
}';
const headers = {
'Content-Type':'multipart/form-data',
'Accept':'application/json',
'X-Session-Id':'string',
'password':null
};

fetch('/api/v1/cdr-file-async',
{
method: 'POST',
body: inputBody,
headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'

headers = {
'Content-Type' => 'multipart/form-data',
'Accept' => 'application/json',
'X-Session-Id' => 'string',
'password' => null
}

result = RestClient.post '/api/v1/cdr-file-async',
params: {
}, headers: headers

p JSON.parse(result)
import requests
headers = {
'Content-Type': 'multipart/form-data',
'Accept': 'application/json',
'X-Session-Id': 'string',
'password': null
}

r = requests.post('/api/v1/cdr-file-async', headers = headers)

print(r.json())
<?php

require 'vendor/autoload.php';

$headers = array(
'Content-Type' => 'multipart/form-data',
'Accept' => 'application/json',
'X-Session-Id' => 'string',
'password' => 'null',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array();

try {
$response = $client->request('POST','/api/v1/cdr-file-async', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}

// ...
URL obj = new URL("/api/v1/cdr-file-async");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main

import (
"bytes"
"net/http"
)

func main() {

headers := map[string][]string{
"Content-Type": []string{"multipart/form-data"},
"Accept": []string{"application/json"},
"X-Session-Id": []string{"string"},
"password": []string{"null"},
}

data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("POST", "/api/v1/cdr-file-async", data)
req.Header = headers

client := &http.Client{}
resp, err := client.Do(req)
// ...
}

POST /api/v1/cdr-file-async

The endpoint accepts requests to rebuild files asynchronously. The file is sent in the request body as a field in ‘multipart/form-data’. When submitting a document to Glasswall Halo, the required policy settings can optionally be provided, either in the form of specifying a ‘named policy’ or providing a ‘dynamic policy’. A ‘named policy’ can be specified by setting the policyName query parameter. If the specified policy does not exist, then a 404 error will be returned. A ‘dynamic policy’ can be specified in the body of the request by setting the ContentManagementPolicy property. The schema defining the format for the policy settings can be retrieved from the cdr-policy/spec endpoint. If an invalid policy is submitted a 400 error will be returned. As this API processes the given file through Glasswall Halo asynchronously, it will return the “transactionId” for reference.

Body parameter

file: string
ContentManagementPolicy: '{"ContentManagementFlags":{"PdfContentManagement":{"Acroform":1,"ActionsAll":1,"EmbeddedFiles":1,"EmbeddedImages":1,"ExternalHyperlinks":1,"InternalHyperlinks":1,"Javascript":1,"Metadata":1,"Watermark":"","DigitalSignatures":1,"ValueOutsideReasonableLimits":1,"RetainExportedStreams":1},"WordContentManagement":{"DynamicDataExchange":1,"EmbeddedFiles":1,"EmbeddedImages":1,"ExternalHyperlinks":1,"InternalHyperlinks":1,"Macros":1,"Metadata":1,"ReviewComments":1},"ExcelContentManagement":{"DynamicDataExchange":1,"EmbeddedFiles":1,"EmbeddedImages":1,"ExternalHyperlinks":1,"InternalHyperlinks":1,"Macros":1,"Metadata":1,"ReviewComments":1,
"Connections":1},"PowerPointContentManagement":{"EmbeddedFiles":1,"EmbeddedImages":1,"ExternalHyperlinks":1,"InternalHyperlinks":1,"Macros":1,"Metadata":1,"ReviewComments":1},"ArchiveConfig":{"bmp":1,"doc":1,"docx":1,"emf":1,"gif":1,"jpg":1,"wav":1,"elf":1,"pe":1,"mp4":1,"mpg":1,"pdf":1,"png":1,"ppt":1,"pptx":1,"tif":1,"wmf":1,"xls":1,"xlsx":1,"mp3":1,"rtf":1,"coff":1,"macho":1,"svg":1,"webp":1,"unknown":1},"SvgConfig":{"ForeignObjects":1,"Hyperlinks":1,"Scripts":1},"WebpConfig":{"Metadata":1},"TiffConfig":{"GeoTiff":1}}}'

Parameters

Name In Type Required Description
body body CdrFileRequestBody false none
policyName query QueryPolicyName false Specifies the named policy to be applied during Glasswall Halo processing. Alternatively a ‘dynamic policy’ can be provided in the message body. If no policy is specified then the default policy is applied.
response-content query string false Defines the output required for the request and depending on the value will determine what Glasswall Halo will do to your file.
format query QueryReportFormat false Controls the format of the analysis report
return-executable-file query QueryReturnExecutableFile false Allow the processing of software file types that are structurally fixed but not cleaned. If set to false then rebuilt executable files are not returned (even if they are found to contain no issues)
X-Session-Id header QuerySessionId false A string that can be used to group requests in reports.
password header FilePassword false If processing an encrypted ZIP archive file the password can be passed in as a base64 encoded string in the header.

Detailed descriptions

response-content: Defines the output required for the request and depending on the value will determine what Glasswall Halo will do to your file.
Available values: noAnalysisReport, noRebuiltFile.
Multiple values can be provided in a comma seperated list.
If you set noAnalysisReport you will just receive the rebuilt file (Rebuild Mode). If you set noRebuiltFile you will receive the analysis report (Analysis Mode). If you set noRebuiltFile,noAnalysisReport you will receive the file type as a response header (File Type Detection). Leaving this value blank you will receive both the analysis and rebuilt file along with the file type in the header (Composite Mode), this is the default behaviour.

Enumerated Values

Parameter Value
format XML
format JSON

Example responses

202 Response

{
"transactionId": "ee7b1c04-dade-4abf-b5db-5e3f13b06c2d"
}

404 Response

{
"errors": [
{
"errorCode": 4000,
"errorDescription": "Policy 'testpolicy' was not found"
}
]
}

5XX Response

{
"errors": [
{
"errorCode": 517,
"errorDescription": "Unable to connect to the database"
}
]
}

Responses

Status Meaning Description Schema
202 Accepted The asynchronous Glasswall Halo request is accepted. CDRAsyncAcknowledgement
401 Unauthorized Unauthorized None
404 Not Found Specified policy not found CdrErroredBody
5XX Unknown Processing error CdrErroredBody

Response Headers

Status Header Type Format Description
202 x-applied-policy string Identifies the policy applied during Glasswall Halo processing.
202 Cache-Control string Prevent sensitive information from being cached.
202 Content-Security-Policy string To protect against drag-and-drop style clickjacking attacks.
202 Content-Type string Indicates the response content type
202 Strict-Transport-Security string Uses a week long max-age to prevent any communications from being sent to this domain over HTTP
202 X-Content-Type-Options string To prevent browsers from performing MIME sniffing, and inappropriately interpreting responses as HTML.
202 X-Frame-Options string To protect against drag-and-drop style clickjacking attacks.

Retrieves the result of the request that was made asynchronously in binary format

Code samples

# You can also use wget
curl -X GET /api/v1/cdr-file-async/{transactionId} \
-H 'Accept: application/zip'
GET /api/v1/cdr-file-async/{transactionId} HTTP/1.1

Accept: application/zip

const headers = {
'Accept':'application/zip'
};

fetch('/api/v1/cdr-file-async/{transactionId}',
{
method: 'GET',

headers: headers
})
.then(function(res) {
return res.json();
}).then(function(body) {
console.log(body);
});
require 'rest-client'
require 'json'

headers = {
'Accept' => 'application/zip'
}

result = RestClient.get '/api/v1/cdr-file-async/{transactionId}',
params: {
}, headers: headers

p JSON.parse(result)
import requests
headers = {
'Accept': 'application/zip'
}

r = requests.get('/api/v1/cdr-file-async/{transactionId}', headers = headers)

print(r.json())
<?php

require 'vendor/autoload.php';

$headers = array(
'Accept' => 'application/zip',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array();

try {
$response = $client->request('GET','/api/v1/cdr-file-async/{transactionId}', array(
'headers' => $headers,
'json' => $request_body,
)
);
print_r($response->getBody()->getContents());
}
catch (\GuzzleHttp\Exception\BadResponseException $e) {
// handle exception or api errors.
print_r($e->getMessage());
}

// ...
URL obj = new URL("/api/v1/cdr-file-async/{transactionId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
System.out.println(response.toString());
package main

import (
"bytes"
"net/http"
)

func main() {

headers := map[string][]string{
"Accept": []string{"application/zip"},
}

data := bytes.NewBuffer([]byte{jsonReq})
req, err := http.NewRequest("GET", "/api/v1/cdr-file-async/{transactionId}", data)
req.Header = headers

client := &http.Client{}
resp, err := client.Do(req)
// ...
}

GET /api/v1/cdr-file-async/{transactionId}

Retrieves the result of the request that was made asynchronously in binary format

Parameters

Name In Type Required Description
transactionId path CDRAsyncTransactionId true TransactionID that corresponds to an asynchronous request

Example responses

200 Response

CDR OK.

The content returned in the response is dependant on the setting of the responseContent query parameter during the submission of an asynchronous request.

Response Content Response Body Response Header content-type
null Rebuilt File and Analysis Report in .zip file application/zip
noAnalysisReport Rebuilt File application/octet-stream
noRebuiltFile Analysis Report application/xml or application/json depending on format query parameter setting during the submission of asynchronous request.
noAnalysisReport,noRebuiltFile no content not set

When processing an archive file the same return content is used, with the exception of when noRebuiltFile is selected.

Response Content Response Body Response Header content-type
noRebuiltFile Analysis Report archive application/zip
{
"?xml": {
"@version": "1.0",
"@encoding": "utf-8"
},
"gw:GWallInfo": {
"...": null
}
}

Glasswall Halo request is completed with the status of “failed”. Analysis report is returned.

{
"?xml": {
"@version": "1.0",
"@encoding": "utf-8"
},
"gw:GWallInfo": {
"...": null
}
}

400 Response

{
"errors": [
{
"errorCode": 44400,
"errorDescription": "Format 'Base64' was requested, but transaction has encoding 'Binary'. Please use the provided endpoint for this encoding."
}
]
}

404 Response

{
"errors": [
{
"errorCode": 44404,
"errorDescription": "Unable to find the transactionId"
}
]
}

410 Response

{
"errors": [
{
"errorCode": 44401,
"errorDescription": "Transaction has been cleaned up in accordance to data retention"
}
]
}

500 Error returned if unable to connect to the database

{
"Errors": [
{
"ErrorCode": 517,
"ErrorDescription": "Unable to connect to the database"
}
]
}

500 Error returned if unable to retrieve file from storage

{
"Errors": [
{
"ErrorCode": 44405,
"ErrorDescription": "Unable to determine if file exists"
}
]
}

500 Error returned if file errored on rebuild

{
"Errors": [
{
"ErrorCode": 5002,
"ErrorDescription": "Unable to rebuild file"
}
]
}

500 Error returned if license is unavailable

{
"Errors": [
{
"ErrorCode": 5002,
"ErrorDescription": "No license was set within the engine"
}
]
}

Responses

Status Meaning Description Schema
200 OK CDR OK.

The content returned in the response is dependant on the setting of the responseContent query parameter during the submission of an asynchronous request.

Response Content Response Body Response Header content-type
null Rebuilt File and Analysis Report in .zip file application/zip
noAnalysisReport Rebuilt File application/octet-stream
noRebuiltFile Analysis Report application/xml or application/json depending on format query parameter setting during the submission of asynchronous request.
noAnalysisReport,noRebuiltFile no content not set

When processing an archive file the same return content is used, with the exception of when noRebuiltFile is selected.

Response Content Response Body Response Header content-type
noRebuiltFile Analysis Report archive application/zip
204 No Content Glasswall Halo request is still in progress
206 Partial Content Glasswall Halo request is completed with the status of “failed”. Analysis report is returned.
400 Bad Request Wrong GET endpoint used
401 Unauthorized Unauthorized
404 Not Found Specified transactionId not found
410 Gone Results for this asynchronous transaction are no longer available and have been cleaned up in accordance with data retention
5XX Unknown Processing error

Response Headers

Status Header Type Format Description
200 x-filetype string Filetype of the submitted file, identified using Glasswall Halo
200 x-transaction-id string uuid TransactionID that corresponds to the asynchronous request
200 x-processing-status string Describes the processing outcome
200 x-filereputation-responsecode string Response code returned from the file reputation service
200 x-filereputation-status string Response status from the file reputation service.
200 x-filereputation-threatname string Malware family name if file is detected as Malicious or Suspicious
200 x-filereputation-threatlevel string Threat level for the file hash. 0 indicates no threat; 1 is the lowest threat severity; 5 is the highest threat value
200 x-filereputation-trustlevel string Trust factor value for the file hashes detection results. 0 is the most trusted, 5 is the least trusted.
200 Cache-Control string none
200 Content-Security-Policy string none
200 Content-Type string none
200 Strict-Transport-Security string none
200 X-Content-Type-Options string none
200 X-Frame-Options string none
206 x-filetype string Filetype of the submitted file, identified using Glasswall Halo
206 x-transaction-id string uuid TransactionID that corresponds to the asynchronous request
206 x-processing-status string Describes the processing outcome
206 x-filereputation-responsecode string Response code returned from the file reputation service
206 x-filereputation-status string Response status from the file reputation service.
206 x-filereputation-threatname string Malware family name if file is detected as Malicious or Suspicious
206 x-filereputation-threatlevel string Threat level for the file hash. 0 indicates no threat; 1 is the lowest threat severity; 5 is the highest threat value
206 x-filereputation-trustlevel string Trust factor value for the file hashes detection results. 0 is the most trusted, 5 is the least trusted.
5XX x-filereputation-responsecode string Response code returned from the file reputation service
5XX x-filereputation-status string Response status from the file reputation service.
5XX x-filereputation-threatname string Malware family name if file is detected as Malicious or Suspicious
5XX x-filereputation-threatlevel string Threat level for the file hash. 0 indicates no threat; 1 is the lowest threat severity; 5 is the highest threat value
5XX x-filereputation-trustlevel string Trust factor value for the file hashes detection results. 0 is the most trusted, 5 is the least trusted.

Schemas

CdrRequestBody

{
"base64": "ZG9jdW1lbnQgY29udGVudA==",
"fileName": "test-file.pdf",
"password": null,
"contentManagementPolicyDetail": "{\"ContentManagementFlags\":{\"PdfContentManagement\":{\"Acroform\":1,\"ActionsAll\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Javascript\":1,\"Metadata\":1,\"Watermark\":\"\",\"DigitalSignatures\":1,\"ValueOutsideReasonableLimits\":1,\"RetainExportedStreams\":1},\"WordContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ExcelContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1, \"Connections\":1},\"PowerPointContentManagement\":{\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ArchiveConfig\":{\"bmp\":1,\"doc\":1,\"docx\":1,\"emf\":1,\"gif\":1,\"jpg\":1,\"wav\":1,\"elf\":1,\"pe\":1,\"mp4\":1,\"mpg\":1,\"pdf\":1,\"png\":1,\"ppt\":1,\"pptx\":1,\"tif\":1,\"wmf\":1,\"xls\":1,\"xlsx\":1,\"mp3\":1,\"rtf\":1,\"coff\":1,\"macho\":1,\"svg\":1,\"webp\":1,\"unknown\":1},\"SvgConfig\":{\"ForeignObjects\":1,\"Hyperlinks\":1,\"Scripts\":1},\"WebpConfig\":{\"Metadata\":1},\"TiffConfig\":{\"GeoTiff\":1}}}"
}

Properties

Name Type Required Restrictions Description
base64 CdrDocumentContent true none The content of the document being submitted, base64 encoded.
fileName FileName true none Specifies content filename.
password FilePassword false none Specifies the password to be applied when attempting to open the supplied content (Only applies to Archive files).
contentManagementPolicyDetail PolicySettings false none The policy settings are defined in the schema and included here in JSON format.

CdrFileRequestBody

{
"file": "string",
"ContentManagementPolicy": "{\"ContentManagementFlags\":{\"PdfContentManagement\":{\"Acroform\":1,\"ActionsAll\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Javascript\":1,\"Metadata\":1,\"Watermark\":\"\",\"DigitalSignatures\":1,\"ValueOutsideReasonableLimits\":1,\"RetainExportedStreams\":1},\"WordContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ExcelContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1, \"Connections\":1},\"PowerPointContentManagement\":{\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ArchiveConfig\":{\"bmp\":1,\"doc\":1,\"docx\":1,\"emf\":1,\"gif\":1,\"jpg\":1,\"wav\":1,\"elf\":1,\"pe\":1,\"mp4\":1,\"mpg\":1,\"pdf\":1,\"png\":1,\"ppt\":1,\"pptx\":1,\"tif\":1,\"wmf\":1,\"xls\":1,\"xlsx\":1,\"mp3\":1,\"rtf\":1,\"coff\":1,\"macho\":1,\"svg\":1,\"webp\":1,\"unknown\":1},\"SvgConfig\":{\"ForeignObjects\":1,\"Hyperlinks\":1,\"Scripts\":1},\"WebpConfig\":{\"Metadata\":1},\"TiffConfig\":{\"GeoTiff\":1}}}"
}

Properties

Name Type Required Restrictions Description
file string(binary) true none none
ContentManagementPolicy PolicySettings false none The policy settings are defined in the schema and included here in JSON format.

CdrFileResponseZipBody

"string"

An archive file containing both the rebuilt file and associated analysis report.

Properties

Name Type Required Restrictions Description
anonymous string(binary) false none An archive file containing both the rebuilt file and associated analysis report.

CdrFileResponseBinaryBody

"string"

Properties

Name Type Required Restrictions Description
anonymous string(binary) false none none

CdrFileResponseAnalysisXmlBody

"string"

Properties

Name Type Required Restrictions Description
anonymous string(xml) false none none

CdrFileResponseAnalysisJsonBody

"string"

Properties

Name Type Required Restrictions Description
anonymous string(json) false none none

XAppliedPolicy

"service-dynamic"

Identifies the policy applied during Glasswall Halo processing.

Properties

Name Type Required Restrictions Description
anonymous string false none Identifies the policy applied during Glasswall Halo processing.
- (name) the named policy that was applied
- default the configured default policy was applied
- service-dynamic a dynamic policy was submitted with the request and applied
- service-fallback the fallback policy was applied since the specified policy was not available

Enumerated Values

Property Value
anonymous (name)
anonymous default
anonymous service-dynamic
anonymous service-fallback)

XFileReputationStatus

"Known"

Response status from the file reputation service.

Properties

Name Type Required Restrictions Description
anonymous string false none Response status from the file reputation service.
- Known File hash is known, but found to be benign.
- Unknown File hash has not been seen by the File Reputation Service before.
- Malicious File hash is classified as Malicious.
- Suspicious File hash is considered suspicious based on the File Reputation Services classification algorithm.

Enumerated Values

Property Value
anonymous Known
anonymous Unknown
anonymous Malicious
anonymous Suspicious)

QueryPolicyName

"string"

Identifies the policy. The name should consist of only alphanumeric characters [A-Za-z0-9].

Properties

Name Type Required Restrictions Description
anonymous string false none Identifies the policy. The name should consist of only alphanumeric characters [A-Za-z0-9].

QueryReportFormat

"XML"

Properties

Name Type Required Restrictions Description
anonymous string false none none

Enumerated Values

Property Value
anonymous XML
anonymous JSON

QueryReturnExecutableFile

false

Properties

Name Type Required Restrictions Description
anonymous boolean false none none

QuerySessionId

"string"

Properties

Name Type Required Restrictions Description
anonymous string false none none

CdrDocumentContent

"ZG9jdW1lbnQgY29udGVudA=="

The content of the document being submitted, base64 encoded.

Properties

Name Type Required Restrictions Description
anonymous string(base64) false none The content of the document being submitted, base64 encoded.

FileName

"test-file.pdf"

Specifies content filename.

Properties

Name Type Required Restrictions Description
anonymous string false none Specifies content filename.

FilePassword

null

Specifies the password to be applied when attempting to open the supplied content (Only applies to Archive files).

Properties

Name Type Required Restrictions Description
anonymous string false none Specifies the password to be applied when attempting to open the supplied content (Only applies to Archive files).

PolicySettings

"{\"ContentManagementFlags\":{\"PdfContentManagement\":{\"Acroform\":1,\"ActionsAll\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Javascript\":1,\"Metadata\":1,\"Watermark\":\"\",\"DigitalSignatures\":1,\"ValueOutsideReasonableLimits\":1,\"RetainExportedStreams\":1},\"WordContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ExcelContentManagement\":{\"DynamicDataExchange\":1,\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1, \"Connections\":1},\"PowerPointContentManagement\":{\"EmbeddedFiles\":1,\"EmbeddedImages\":1,\"ExternalHyperlinks\":1,\"InternalHyperlinks\":1,\"Macros\":1,\"Metadata\":1,\"ReviewComments\":1},\"ArchiveConfig\":{\"bmp\":1,\"doc\":1,\"docx\":1,\"emf\":1,\"gif\":1,\"jpg\":1,\"wav\":1,\"elf\":1,\"pe\":1,\"mp4\":1,\"mpg\":1,\"pdf\":1,\"png\":1,\"ppt\":1,\"pptx\":1,\"tif\":1,\"wmf\":1,\"xls\":1,\"xlsx\":1,\"mp3\":1,\"rtf\":1,\"coff\":1,\"macho\":1,\"svg\":1,\"webp\":1,\"unknown\":1},\"SvgConfig\":{\"ForeignObjects\":1,\"Hyperlinks\":1,\"Scripts\":1},\"WebpConfig\":{\"Metadata\":1},\"TiffConfig\":{\"GeoTiff\":1}}}"

The policy settings are defined in the schema and included here in JSON format.

Properties

None

CdrErroredBody

{
"errors": [
{
"errorCode": 0,
"errorDescription": "string"
}
]
}

Contains the details of errors raised whilst processing a document.

Properties

Name Type Required Restrictions Description
errors CdrErrors true none none

CdrErrors

[
{
"errorCode": 0,
"errorDescription": "string"
}
]

Properties

Name Type Required Restrictions Description
errorCode integer true none none
errorDescription string true none none

CdrErrorReason

"string"

Properties

Name Type Required Restrictions Description
anonymous string false none none

CdrProcessingStatus

"failed"

Properties

Name Type Required Restrictions Description
anonymous string false none none

Enumerated Values

Property Value
anonymous failed
anonymous errored
anonymous rebuilt

CdrFileType

"string"

Properties

Name Type Required Restrictions Description
anonymous string false none none

CdrResponseContent

{
"content": "string",
"contentType": "string",
"contentEncoding": "string"
}

Properties

Name Type Required Restrictions Description
content string(base64) false none none
contentType string false none none
contentEncoding string false none none

CDRAsyncAcknowledgement

{
"transactionId": "75906707-8c31-479c-b354-aa805c4cefbc"
}

Properties

Name Type Required Restrictions Description
transactionId CDRAsyncTransactionId false none TransactionID that corresponds to the asynchronous request

CDRAsyncTransactionId

"497f6eca-6276-4993-bfeb-53cbbbba6f08"

TransactionID that corresponds to the asynchronous request

Properties

Name Type Required Restrictions Description
anonymous string(uuid) false none TransactionID that corresponds to the asynchronous request

CdrAsyncCompleteBody

{
"transactionId": "75906707-8c31-479c-b354-aa805c4cefbc",
"processingStatus": "failed",
"fileType": "string",
"analysisReport": {
"content": "string",
"contentType": "string",
"contentEncoding": "string"
},
"rebuiltFile": {
"content": "string",
"contentType": "string",
"contentEncoding": "string"
}
}

Contains the results of document succeffully rebuilt by Glasswall Halo

Properties

Name Type Required Restrictions Description
transactionId CDRAsyncTransactionId false none TransactionID that corresponds to the asynchronous request
processingStatus CdrProcessingStatus false none none
fileType CdrFileType false none none
analysisReport CdrResponseContent false none none
rebuiltFile CdrResponseContent false none none

CdrAsyncPartialBody

{
"errorReason": "string",
"transactionId": "75906707-8c31-479c-b354-aa805c4cefbc",
"processingStatus": "failed",
"fileType": "string",
"analysisReport": {
"content": "string",
"contentType": "string",
"contentEncoding": "string"
}
}

Contains the results of an document that failed to be rebuilt Glasswall Halo

Properties

Name Type Required Restrictions Description
errorReason CdrErrorReason false none none
transactionId CDRAsyncTransactionId false none TransactionID that corresponds to the asynchronous request
processingStatus CdrProcessingStatus false none none
fileType CdrFileType false none none
analysisReport CdrResponseContent false none none

CacheControlHeader

"no-store"

Prevent sensitive information from being cached.

Properties

Name Type Required Restrictions Description
anonymous string false none Prevent sensitive information from being cached.

ContentTypeHeader

"application/json"

Indicates the response content type

Properties

Name Type Required Restrictions Description
anonymous string false none Indicates the response content type

ContentTypeOptionsHeader

"nosniff"

To prevent browsers from performing MIME sniffing, and inappropriately interpreting responses as HTML.

Properties

Name Type Required Restrictions Description
anonymous string false none To prevent browsers from performing MIME sniffing, and inappropriately interpreting responses as HTML.

FrameOptionsHeader

"DENY"

To protect against drag-and-drop style clickjacking attacks.

Properties

Name Type Required Restrictions Description
anonymous string false none To protect against drag-and-drop style clickjacking attacks.

ContentSecurityPolicyHeader

"frame-ancestors 'none'"

To protect against drag-and-drop style clickjacking attacks.

Properties

Name Type Required Restrictions Description
anonymous string false none To protect against drag-and-drop style clickjacking attacks.

StrictTransportSecurityHeader

"max-age=31536000"

Uses a week long max-age to prevent any communications from being sent to this domain over HTTP

Properties

Name Type Required Restrictions Description
anonymous string false none Uses a week long max-age to prevent any communications from being sent to this domain over HTTP