Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
mohamed_Mahdi
New Contributor

Scan JSON object inside http request body

Hi everyone,

 

We are currently testing the fortiguard antivirus to secure access to our REST API.

Our API uses JSON as content-type in http request and response.

In http requests, for some services we must send encoded file in base64 inside the JSON object, as shown below :

 

 

"plateforme": { 
     "typeIdPlateforme": "1", 
     "idPlateforme" : "12345678901234" 
   }, 
 "idDemandeur" : "aaa", \ 
 "rsDemandeur": "AAAA", \ 
 "dumeA": { 
     "xmlDume" : "UEsDBAoAAAAAAOCYuCg8z1FoRAAAAEQAAAAJAAAAZWljYXIuY29tWDVPIVAlQEFQWzRcUFpYNTQoUF4pN0NDKTd9JEVJQ0FSLVNUQU5EQVJELUFOVElWSVJVUy1URVNULUZJTEUhJEgrSCpQSwECFAAKAAAAAADgmLgoPM9RaEQAAABEAAAACQAAAAAAAAABACAA/4EAAAAAZWljYXIuY29tUEsFBgAAAAABAAEANwAAAGsAAAAAAA==" 
   } 
 }

  In this sample, the attribut "xmlDume" is an encoded file (base64). When i took an infected file, encoded it and sent it in the json,  the antivirus was unable to detect that the value of the "xmlDume" attribut is an infected encoded file.   Is the fortiguard antivirus is capable to scan the JSON object or some attributs like "xmlDume" ? Thanks in advance.

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors