With Scanii you can process files directly from your client browser without having to submit potentially malicious/unwanted content to your servers.
Here’s how the logic works in a nutshell:
A conventional file upload HTML form is sent to the browser
Use that one-time API authentication token to submit the file to Scanii for processing/identification using our File API
Based upon our File API response we will either submit the form to the server (including the identifier of the File API) or notify the user of the content findings.
Back on the server side, we now validate that the content was indeed properly processed by looking up the processing result via the result identifier. If everything checks out, the file is good to be stored or the server.
Here’s what all that magic look like:
So, when should you use client side content processing?
That is an excellent question to which there isn’t really a one-size-fits-all answer, it ultimately depends on your requirements. If you would like to do as much work as possible on the client-side browser, this feature is for you.
The pros and cons of making content decisions client side
Malicious/unwanted files are identified before being sent to your servers.
Integrates nicely with single page apps (SPA) using React or Angular.
From a client browser perspective, content is submitted twice, once to Scanii for processing and again to your service for storage.
Slightly more complex integration involving both browser and server coordination work.
How do you get around the browser same-origin policy?
Good question, all of our globally distributed API endpoints support CORS.