CDR API API Reference

Use the Content Disarm and Reconstruction API to remove security risks from documents by tearing them down, removing unsafe content and rebuilding them.

API Endpoint
https://api.cloudmersive.com
Terms of Service: https://portal.cloudmersive.com/terms-of-service
Schemes: https
Version: v1

Authentication

Apikey

API Key Authentication

type
apiKey
name
Apikey
in
header

Paths

FileSanitization

Content Disarm and Reconstruction on a File

POST /cdr/sanitization/file


Processes the input file via CDR to produce a secured output file. Input content is parsed, disarmed, and then reconstructed into a new output file with the same file format as the input.



InputFile: file
in formData

Input document, or photos of a document, to extract data from

Code Example:
200 OK

OK

type
string (binary)
400 Bad Request
ProblemDetails

Bad Request

401 Unauthorized
ProblemDetails

Unauthorized

Response Content-Types: application/octet-stream
Response Example (200 OK) 
"string (binary)"
Response Example (400 Bad Request) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
Response Example (401 Unauthorized) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
FileSanitization

Advanced Content Disarm and Reconstruction on a File

POST /cdr/sanitization/file/advanced


Processes the input file via CDR to produce a secured output file with advanced scan options and response headers containing scan metadata.



allowExecutables: boolean
in header

Set to false to block executable files (EXE, DLL, etc.)

allowInvalidFiles: boolean
in header

Set to false to block files that are not valid for their detected type

allowScripts: boolean
in header

Set to false to block script files. PDF and Office macro sanitization still runs regardless.

allowPasswordProtectedFiles: boolean
in header

Set to false to block password-protected files

allowMacros: boolean
in header

Set to false to block files containing macros. Office macro removal still runs regardless.

allowXmlExternalEntities: boolean
in header

Set to false to block XML files with external entity references (XXE)

allowInsecureDeserialization: boolean
in header

Set to false to block files with insecure deserialization patterns

allowHtml: boolean
in header

Set to false to block HTML files

allowUnsafeArchives: boolean
in header

Set to false to block archive files flagged as unsafe (e.g., zip bombs)

allowOleEmbeddedObject: boolean
in header

Set to false to block files with embedded OLE objects

allowUnwantedAction: boolean
in header

Set to false to block files with unwanted actions

restrictFileTypes: string
in header

Comma-separated list of allowed file extensions (e.g., ".pdf,.docx,.xlsx"). Files not matching will be blocked.

InputFile: file
in formData

Input document to CDR process

Code Example:
200 OK

OK

type
string (binary)
400 Bad Request
ProblemDetails

Bad Request

401 Unauthorized
ProblemDetails

Unauthorized

Response Content-Types: application/octet-stream
Response Example (200 OK) 
"string (binary)"
Response Headers (200 OK)
X-CDR-CleanResult

Whether the file passed the virus scan

 boolean
X-CDR-ContainsExecutable

File contains executable content

 boolean
X-CDR-ContainsInvalidFile

File is invalid for its detected type

 boolean
X-CDR-ContainsScript

File contains scripts

 boolean
X-CDR-ContainsPasswordProtectedFile

File is password-protected

 boolean
X-CDR-ContainsRestrictedFileFormat

File is a restricted format

 boolean
X-CDR-ContainsMacros

File contains macros

 boolean
X-CDR-ContainsXmlExternalEntities

File has XXE references

 boolean
X-CDR-ContainsInsecureDeserialization

File has insecure deserialization

 boolean
X-CDR-ContainsHtml

File contains HTML

 boolean
X-CDR-ContainsUnsafeArchive

File is an unsafe archive

 boolean
X-CDR-ContainsOleEmbeddedObject

File has OLE embedded objects

 boolean
X-CDR-ContainsUnwantedAction

File has unwanted actions

 boolean
X-CDR-ContainsJSON

File contains JSON

 boolean
X-CDR-ContainsXML

File contains XML

 boolean
X-CDR-ContainsImage

File contains images

 boolean
X-CDR-IsAuthenticodeSigned

File is Authenticode signed

 boolean
X-CDR-VerifiedFileFormat

Detected file format (e.g., .docx)

 string
X-CDR-FoundViruses

JSON array of found virus names, or empty if clean

 string
X-CDR-HashSHA1

SHA1 hash of the input file

 string
Response Example (400 Bad Request) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
Response Example (401 Unauthorized) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
FileSanitization

Content Disarm and Reconstruction on a File with PDFA Output

POST /cdr/sanitization/file/to/pdf


Processes the input file via CDR to produce a secured PDF/A output file. Input content is parsed, disarmed, and then reconstructed into a new PDF/A output file.



InputFile: file
in formData

Input document, or photos of a document, to extract data from

Code Example:
200 OK

OK

type
string (binary)
400 Bad Request
ProblemDetails

Bad Request

401 Unauthorized
ProblemDetails

Unauthorized

Response Content-Types: application/octet-stream
Response Example (200 OK) 
"string (binary)"
Response Example (400 Bad Request) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
Response Example (401 Unauthorized) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
FileSanitization

Advanced Content Disarm and Reconstruction on a File with PDFA Output

POST /cdr/sanitization/file/to/pdf/advanced


Processes the input file via CDR to produce a secured PDF/A output file with advanced scan options and response headers containing scan metadata.



allowExecutables: boolean
in header

Set to false to block executable files (EXE, DLL, etc.)

allowInvalidFiles: boolean
in header

Set to false to block files that are not valid for their detected type

allowScripts: boolean
in header

Set to false to block script files. PDF and Office macro sanitization still runs regardless.

allowPasswordProtectedFiles: boolean
in header

Set to false to block password-protected files

allowMacros: boolean
in header

Set to false to block files containing macros. Office macro removal still runs regardless.

allowXmlExternalEntities: boolean
in header

Set to false to block XML files with external entity references (XXE)

allowInsecureDeserialization: boolean
in header

Set to false to block files with insecure deserialization patterns

allowHtml: boolean
in header

Set to false to block HTML files

allowUnsafeArchives: boolean
in header

Set to false to block archive files flagged as unsafe (e.g., zip bombs)

allowOleEmbeddedObject: boolean
in header

Set to false to block files with embedded OLE objects

allowUnwantedAction: boolean
in header

Set to false to block files with unwanted actions

restrictFileTypes: string
in header

Comma-separated list of allowed file extensions (e.g., ".pdf,.docx,.xlsx"). Files not matching will be blocked.

InputFile: file
in formData

Input document to CDR process

Code Example:
200 OK

OK

type
string (binary)
400 Bad Request
ProblemDetails

Bad Request

401 Unauthorized
ProblemDetails

Unauthorized

Response Content-Types: application/octet-stream
Response Example (200 OK) 
"string (binary)"
Response Headers (200 OK)
X-CDR-CleanResult

Whether the file passed the virus scan

 boolean
X-CDR-ContainsExecutable

File contains executable content

 boolean
X-CDR-ContainsInvalidFile

File is invalid for its detected type

 boolean
X-CDR-ContainsScript

File contains scripts

 boolean
X-CDR-ContainsPasswordProtectedFile

File is password-protected

 boolean
X-CDR-ContainsRestrictedFileFormat

File is a restricted format

 boolean
X-CDR-ContainsMacros

File contains macros

 boolean
X-CDR-ContainsXmlExternalEntities

File has XXE references

 boolean
X-CDR-ContainsInsecureDeserialization

File has insecure deserialization

 boolean
X-CDR-ContainsHtml

File contains HTML

 boolean
X-CDR-ContainsUnsafeArchive

File is an unsafe archive

 boolean
X-CDR-ContainsOleEmbeddedObject

File has OLE embedded objects

 boolean
X-CDR-ContainsUnwantedAction

File has unwanted actions

 boolean
X-CDR-ContainsJSON

File contains JSON

 boolean
X-CDR-ContainsXML

File contains XML

 boolean
X-CDR-ContainsImage

File contains images

 boolean
X-CDR-IsAuthenticodeSigned

File is Authenticode signed

 boolean
X-CDR-VerifiedFileFormat

Detected file format (e.g., .docx)

 string
X-CDR-FoundViruses

JSON array of found virus names, or empty if clean

 string
X-CDR-HashSHA1

SHA1 hash of the input file

 string
Response Example (400 Bad Request) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}
Response Example (401 Unauthorized) 
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}

Schema Definitions

ProblemDetails: object

type: string
title: string
status: integer (int32)
detail: string
instance: string
object
Example
{
  "type": "string",
  "title": "string",
  "status": "integer (int32)",
  "detail": "string",
  "instance": "string"
}