The simple transfer of digital documents via HTTP is a basic internet concept that just about everyone benefits from at one point or another. While a variety of unique HTTP request methods (e.g., FTP, SFTP, SCP, etc.) can be used to share document data, multipart/form-data is by far the most common method we see used in practice.

Understanding Multipart/Form-Data Requests

Multipart/form-data is a media type (or content type) used to encode binary data in HTTP requests. As the name suggests, HTTP request payloads structured as multipart/form-data include multiple parts, each containing their own set of headers and their own unique contents. This content type is triggered when the encoding type (i.e, ‘enctype’) for a web form is set to multipart/form-data by a web application developer.

Most commonly, multipart/form-data is used in an online web form with a file upload workflow. When a user uploads a document through an online web form (e.g., submitting a resume PDF in an online application) where multipart/form-data selected as the encoding type, the request is divided into multiple parts separated by boundary strings that clearly specify each content type. By structuring the request in this way, relevant text data can be bundled alongside binary file data in a single HTTP request without either content type interfering with the interpretation of the other (e.g., submitting a first and last name along with an attached resume PDF). On the receiving end, the server-side application fielding this HTTP request can extract text and binary content from the HTTP message according to the content headers and process that content accordingly.

Security Benefits

Among many other advantages, the clearly defined boundaries of multipart/form-data requests help to simplify the processes of validating binary file content and investigating that content for potential security threats. Security solutions such as virus scanning reverse-proxy (or forward-proxy) servers can be deployed adjacent to server-side web applications to intercept HTTP requests and analyze the binary file contents independently of the text-based contents.

Intercepting & Scanning Multipart/Form-Data with Cloudmersive

Cloudmersive Shield (virus scanning reverse-proxy & forward-proxy server) is a no-code solution that can be deployed ahead of any web application receiving multipart/form-data HTTP requests to scan file content for virus and malware threats at the network edge. The Cloudmersive Virus-Scanning ICAP Server can also be deployed to a similar effect.

The underlying Advanced Virus Scan API can identify known threat signatures with signature-based scanning and uncover hidden threats with predictive zero-day threat analysis. In addition, custom content restrictions can be set via simple request parameters to help block common obfuscated content threats including invalid files, password-protected files, archives, macros, and more.

For more information on no-code Cloudmersive Virus Scanning solutions for HTTP file uploads, please do not hesitate to reach out to a member of our team.