How do I use Custom Headers for Requests to ICAP Server?

The Internet Content Adaptation Protocol (ICAP) is widely used for offloading content filtering and scanning tasks to dedicated servers. When interacting with an ICAP server, custom headers can be included for tracking or other purposes. This article explains how to send a request to an ICAP server with a custom header formatted as X-Client-Custom-xxxxxx and retrieve a response that includes this header.

Understanding ICAP Requests and Responses

ICAP servers operate on a request-response model. The ICAP client sends an encapsulated HTTP request to the ICAP server, which processes it and returns a modified response. Custom headers, such as X-Client-Custom-xxxxxx, are primarily used for tracking the source of the request on the MetaDefender Core side, where the postfix xxxxxx is added to the metadata field. Note: These headers are not used for authentication, as the header prefix is defined by OPSWAT.

Enabling Custom Header Parsing

To enable custom headers in ICAP requests, ensure the ICAP server is configured to support them. Specifically, the setting enable_x_client_custom_parser must be set to true in the registry to enable custom header processing. Additionally, to absorb these headers into the HTTP or ICAP response headers, set the notify_modified_custom_header flag to true. Refer to the OPSWAT documentation for detailed configuration instructions.

Sending a Request with a Custom Header

To send a request to an ICAP server with a custom header, follow these steps:

1. Establish a connection to the ICAP server.

2. Construct the ICAP request, including the X-Client-Custom-xxxxxx header.

3. Send the request.

4. Read the response.

Example ICAP Request

For a modification request (REQMOD), the request might look like:

Receiving and Handling the Response

After sending the request, the ICAP server will respond with the processed data, including the custom header in the response headers if notify_modified_ custom_header is enabled.

Example ICAP Response

Using the Custom Header information for Further Processing

The X-Client-Custom-xxxxxx header allows for enhanced tracking and control. The ICAP server parses and returns these headers in a metadata field within the scan result JSON file in MetaDefender Core.

Sample JSON result:

You can define specific workflows based on the custom header value by specifying it in the ICAP workflow configuration. Proper implementation ensures secure and efficient communication between ICAP clients and servers. Customers can utilize the metadata for further processing, enabling better tracking, analytics, and workflow integration.

To ensure custom headers are processed correctly, verify that the enable_x_ client_custom_parser setting is set to true and the notify_modified_custom_header flag is enabled. By extracting and utilizing custom metadata fields, businesses can improve security, policy enforcement, and content adaptation workflows.