** Description changed: - When trying to download a OneDrive file that has been incorrectly - flagged as a virus, I get this error: + [ Impact ] + + When users try to download files that have been flagged by OneDrive's anti-virus, + they are not able to download the file and receive an insufficient error message: + + > `Failed to copy: failed to open source object: 403 Forbidden:` + + The main consequence of this bug is confusion in terms of what has gone wrong, and + how to fix it. Backporting the fix makes it considerably less likely that users require + support for a problem that has already been solved upstream. + + The upload introduces a commit that captures the response header which includes + information regarding virus detection, and an optional override flag in cases where + the user is absolutely certain that the detection is incorrect. + + [ Test Plan ] + + *Assuming a remote has been setup for OneDrive, see + https://rclone.org/onedrive/* + + 1) A commonly used (but harmless) test file for anti-virus is EICAR. This is used by Microsoft + in testing their Defender service + (see https://learn.microsoft.com/en-us/defender-endpoint/validate-antimalware). + Download EICAR using the following command: + ```shell + curl -o eicar.com.txt https://secure.eicar.org/eicar.com.txt + ``` + + 2) Through the OneDrive web UI (https://onedrive.live.com/) or Windows client, + upload `eicar.com.txt` to a directory `temp`. This should get flagged as a virus + by OneDrive's scanner. + + 3) Using `rclone copy`, download the folder to your host: + ```shell + rclone copy remote:temp ./temp + ``` + + [ Where problems could occur ] + + Largely the upload extends a code block if-check which further examines if the response header + includes "X-Virus-Infected", in which case the user is notified of this through + the command-line. A related issue would most likely occur if the OneDrive API changes + to utilize a different header, in which case the previous behaviour would re-emerge. + + Another possible problem is the override flag not working correctly. As such the user could + also be referred to the website, as an alternative to mitigate the problem. + + [ Other Info ] + + Possible questions + + * **Q1**: Could this be considered unsafe if the user bypasses a valid virus prevention error? + * **A1**: The user is, in OneDrive's current state, able to bypass the prevention through the web UI, + which must be accessed in order to upload the file. The override flag introduced in this fix only + passes an already exsiting parameter to the API. + + [Original Bug] + When trying to download a OneDrive file that has been incorrectly flagged as a virus, I get this error: > `Failed to copy: failed to open source object: 403 Forbidden:` This is the same error as reported on upstream: https://github.com/rclone/rclone/issues/557 --- * Ubuntu release: 25.10 * rclone version: 1.60.1+dfsg-4ubuntu1 What I expect to happen: * I get an error that explains why I can't download the file and an eventual remedy for the error. What actually happened: * I get an inexplicit error code that gives no information on why I could not download the file.
** Description changed: [ Impact ] When users try to download files that have been flagged by OneDrive's anti-virus, they are not able to download the file and receive an insufficient error message: > `Failed to copy: failed to open source object: 403 Forbidden:` The main consequence of this bug is confusion in terms of what has gone wrong, and how to fix it. Backporting the fix makes it considerably less likely that users require support for a problem that has already been solved upstream. - The upload introduces a commit that captures the response header which includes + The upload introduces a commit that captures the response header which includes information regarding virus detection, and an optional override flag in cases where the user is absolutely certain that the detection is incorrect. [ Test Plan ] *Assuming a remote has been setup for OneDrive, see https://rclone.org/onedrive/* - 1) A commonly used (but harmless) test file for anti-virus is EICAR. This is used by Microsoft - in testing their Defender service + 1) A commonly used (but harmless) test file for anti-virus is EICAR. This is used by Microsoft + in testing their Defender service (see https://learn.microsoft.com/en-us/defender-endpoint/validate-antimalware). Download EICAR using the following command: ```shell curl -o eicar.com.txt https://secure.eicar.org/eicar.com.txt ``` 2) Through the OneDrive web UI (https://onedrive.live.com/) or Windows client, upload `eicar.com.txt` to a directory `temp`. This should get flagged as a virus by OneDrive's scanner. 3) Using `rclone copy`, download the folder to your host: ```shell rclone copy remote:temp ./temp ``` [ Where problems could occur ] Largely the upload extends a code block if-check which further examines if the response header includes "X-Virus-Infected", in which case the user is notified of this through the command-line. A related issue would most likely occur if the OneDrive API changes to utilize a different header, in which case the previous behaviour would re-emerge. - Another possible problem is the override flag not working correctly. As such the user could + Another possible problem is the override flag not working correctly. As such the user could also be referred to the website, as an alternative to mitigate the problem. [ Other Info ] Possible questions * **Q1**: Could this be considered unsafe if the user bypasses a valid virus prevention error? - * **A1**: The user is, in OneDrive's current state, able to bypass the prevention through the web UI, - which must be accessed in order to upload the file. The override flag introduced in this fix only + * **A1**: The user is, in OneDrive's current state, able to bypass the prevention through the web UI, + which must be accessed in order to upload the file. The override flag introduced in this fix only passes an already exsiting parameter to the API. - [Original Bug] + [ Original Bug ] When trying to download a OneDrive file that has been incorrectly flagged as a virus, I get this error: > `Failed to copy: failed to open source object: 403 Forbidden:` This is the same error as reported on upstream: https://github.com/rclone/rclone/issues/557 --- * Ubuntu release: 25.10 * rclone version: 1.60.1+dfsg-4ubuntu1 What I expect to happen: * I get an error that explains why I can't download the file and an eventual remedy for the error. What actually happened: * I get an inexplicit error code that gives no information on why I could not download the file. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2122642 Title: Insufficient information when OneDrive AV is flagged To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rclone/+bug/2122642/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
