Malware scanners located at HTTP/HTTPS proxy level should be able to scan malware in any transfer and content encoding
that web server and browser may use.
In addition it must not bypass files because of faked content types or unknown file name extensions and it should have a policy for password protected archives, nested archives and multipart archives.
Test these links with your HTTP/HTTPS proxy malware scanner. Every malware scanner is able to find the EICAR test string. Should your scanner fail with some of the formats, the retrieved test file will not do any harm to your computer. When executed, it simply displays a test string. More information on the EICAR.org web page.
EICAR test file (combination encoding)A combination of gzip content encoding, chunked transfer encoding and Content-Diposition header.