xss_file_scan

xss_file_scan is a Drupal contrib module that scans uploaded files for potentially malicious content using administrator-defined patterns. It integrates with Drupal’s validation and configuration systems to block, log, and report suspicious uploads before they are saved.

Features

Pattern-based file scanning using configurable regular expressions.
Validation constraint attached to file uploads (including media/file fields).
Flexible actions per detection: block upload, log event, show user-friendly error.
Optional email notifications to one or more recipients.
Per-language error messages for localized feedback.
Central configuration form under the admin “Configuration → System” section.

Post-Installation

Enable the xss_file_scan module via Extend (/admin/modules) or Drush.
Go to the settings page (Configuration → System → XSS file scan) and:
Define one or more detection patterns (regular expressions).
Choose whether to block uploads, log events, show error messages, and/or send email.
Configure notification recipients and per-language error messages.
Test by uploading a file containing a known test pattern to verify behavior (block/log/email).

Additional Requirements

A working mail system in Drupal (core mail or a mail backend module) to send email notifications.
Access to the Drupal log (Database Logging or syslog) to review logged scan results.
PHP PCRE support (regular expressions) for pattern matching, which is standard in typical PHP setups.

Recommended modules/libraries

Database Logging (dblog) or a logging backend (e.g., syslog) for easier monitoring of detected events.
A mail backend module if you need advanced delivery options or external mail services.
Security-oriented modules (e.g., Security Review, file antivirus modules) to complement pattern-based scanning.

Supporting this Module

Report bugs, feature requests, and edge cases via the project’s issue queue.
Contribute patches or merge requests to improve scanning logic, UX, or performance.
Share real-world patterns and configuration examples that help other site builders.
Sponsor development or documentation if you rely on the module in critical environments.

Community Documentation

See the module’s README file and in-code documentation for configuration details and examples.
Follow best-practice guides for secure file uploads in Drupal and adapt your patterns accordingly.
When you develop custom integrations or recipes, consider sharing them as community documentation or issue queue notes so others can benefit.