> ## Documentation Index
> Fetch the complete documentation index at: https://cometchat-013b37f0.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Virus And Malware Scanner (Legacy)

<Warning>
  **Legacy Notice**: This extension is considered legacy and is scheduled for deprecation in the near future. It is no longer recommended for new integrations.

  Please note: Legacy extensions are no longer actively maintained and will not receive feature updates or enhancements.
</Warning>

The Virus & Malware Scanner Extension allows the developer to scan files uploaded by users so that a warning can be added for malicious content.

## Before you begin

This Extension uses a third-party API service - [Scanii](https://scanii.com) - to scan media messages. Create an account with Scanii API Service and get your pair of **API Key** and **Secret**.

## Extension settings

1. Login to [CometChat](https://app.cometchat.com/login) and select your app.
2. Go to the Extensions section and enable the Virus and Malware Scanner extension.
3. Open the Settings for this extension.
4. Enter Scanii API Key and Scanii Secret and click on save.

## How does it work?

Once the Extension is enabled for your App and the Extension Settings are saved, the recipients will receive metadata with an array of results.

The Virus Scan results will be updated later for the message and hence you need to implement the `onMessageEdited` listener. Please check the **Edit a Message** page under the Messaging section of each SDK for more details.

This can be used to show warning messages:

<Tabs>
  <Tab title="JSON">
    ```json theme={null}
    {
      "@injected": {
        "extensions": {
          "virus-malware-scanner": {
            "attachments": [
              {
                "data": {
                  "url": "https://media.com/1646056756_400568974.mp3",
                  "name": "a2.mp3",
                  "size": 1519658,
                  "verdict": {
                    "scan_results": [],
                  },
                  "mimeType": "audio/mpeg",
                  "extension": "mp3",
                },
                "error": null,
              },
              {
                "data": {
                  "url": "https://media.com/1646056756_400568933.mp3",
                  "name": "a1.mp3",
                  "size": 1519658,
                  "mimeType": "audio/mpeg",
                  "extension": "mp3",
                  "verdict": null
                },
                "error": {
                  "code": "ERROR_CODE",
                  "message": "Error Message",
                  "devMessage": "Error message",
                  "source": "ext-api"
                }
              }
            ],
            "scan_results": [],
          },
        },
      },
    }
    ```
  </Tab>
</Tabs>

If the scan\_results is an empty array, it means the message is safe.

If the virus-malware-scanner key is missing, then either the extension is not enabled or your Scanii credits are over.

<Note>
  The `scan_results`, to the outside of `attachments` are the result for the first attachment from the `attachments` array. This has been retained for backward compatibility only.\
  You can iterate over `attachments` array for better implementation.
</Note>

## Implementation

At the recipients' end, from the message object, you can fetch the metadata by calling the getMetadata() method. Using this metadata, you can fetch the Rich Media Embed.

<Tabs>
  <Tab title="JavaScript">
    ```js theme={null}
    const metadata = message.getMetadata();
    if (metadata != null) {
      const injectedObject = metadata["@injected"];
      if (injectedObject != null && injectedObject.hasOwnProperty("extensions")) {
        const extensionsObject = injectedObject["extensions"];
        if (
          extensionsObject != null &&
          extensionsObject.hasOwnProperty("virus-malware-scanner")
        ) {
          const { attachments } = extensionsObject["virus-malware-scanner"];
          for (const attachment of attachments) {
            if (!attachment.error) {
             const { scan_results } = attachment.data.verdict;
             // Check the other parameters as required.
            }
          }
        }
      }
    }
    ```
  </Tab>

  <Tab title="Java">
    ```java theme={null}
    JSONObject metadata = message.getMetadata();
    if (metadata != null) {
      JSONObject injectedObject = metadata.getJSONObject("@injected");
      if (injectedObject != null && injectedObject.has("extensions")) {
        JSONObject extensionsObject = injectedObject.getJSONObject("extensions");
        if (extensionsObject != null && extensionsObject.has("virus-malware-scanner"))
            {
              JSONObject tg = extensionsObject.getJSONObject("virus-malware-scanner");
            JSONArray attachments = tg.getJSONArray("attachments");

            for (int i = 0; i < attachments.length(); i++) {
                JSONObject attachment = attachments.getJSONObject(i);
                JSONObject error = attachment.getJSONObject("error");
                if (error == null) {
                  JSONObject data = attachment.getJSONObject("data");
                  JSONObject verdict = data.getJSONObject("verdict");
                 String unsafe = thumbnails.getString("scan_results");
           // Check the other parameters as required.
                }
              }
            }
        }
    }
    ```
  </Tab>

  <Tab title="Kotlin">
    ```kotlin theme={null}
    if (metadata != null) {
      if (metadata.has("@injected")) {
      val injected = metadata.getJSONObject("@injected")
        if (injected != null && injected.has("extensions")) {
         val extensions = injectedJSONObject.getJSONObject("extensions")
       if (extensions != null && extensions.has("virus-malware-scanner")) {
         val tg = extensions.getJSONObject("virus-malware-scanner")
         val attachments = tg.getJSONArray("attachments")
        for (i in 0 until attachments.length()) {
              val attachment = attachments.getJSONObject(i)
              val error = attachment.getJSONObject("error")
              if (error == null) {
                val data = attachment.getJSONObject("data")
                val verdict = data.getJSONObject("verdict")
               val unsafe = verdict.getString("scan_results")
                // use other parameters are required.
              }
            }
       }
      }
     }
    }
    ```
  </Tab>

  <Tab title="Swift">
    ```swift theme={null}
    if let metaData = message?.metaData , let injected = metaData["@injected"] as? [String : Any], let extensions =injected["extensions"] as? [String : Any], let attachments = extensions["virus-malware-scanner"] as? [[String : Any]] {

        for attachment in attachments {

          if let data = attachment["data"] as? [String:Any] , let verdict = data["verdict"] as? [String:any] {
         // Check for the parameters as required.
           if let unsafe = URL(string: verdict["scan_results"] as? String) {
    // Use the url accordingly.
     }
          
          // check for attachment.error if "verdict" is null
       }
    }
    }
    ```
  </Tab>
</Tabs>
