ICS
text/calendar
Magic Bytes
Offset: 0
42 45 47 49 4E 3A 56 43 41 4C 45 4E 44 41 52
The iCalendar (ICS) format is an open standard for exchanging calendar and scheduling information, maintained by the Internet Engineering Task Force (IETF). It is universally supported by email clients and calendar applications, including Microsoft Outlook, Google Calendar, and Apple Calendar, to transmit meeting requests, tasks, and event details. While the plain-text structure is generally benign, unsolicited ICS files are occasionally utilized in calendar spamming campaigns to clutter user schedules with promotional links.
Validation Code
How to validate .ics files in Python
Python
def is_ics(file_path: str) -> bool:
"""Check if file is a valid ICS by magic bytes."""
signature = bytes([0x42, 0x45, 0x47, 0x49, 0x4E, 0x3A, 0x56, 0x43, 0x41, 0x4C, 0x45, 0x4E, 0x44, 0x41, 0x52])
with open(file_path, "rb") as f:
return f.read(15) == signatureHow to validate .ics files in Node.js
Node.js
function isICS(buffer: Buffer): boolean {
const signature = Buffer.from([0x42, 0x45, 0x47, 0x49, 0x4E, 0x3A, 0x56, 0x43, 0x41, 0x4C, 0x45, 0x4E, 0x44, 0x41, 0x52]);
return buffer.subarray(0, 15).equals(signature);
}
Go
func IsICS(data []byte) bool {
signature := []byte{0x42, 0x45, 0x47, 0x49, 0x4E, 0x3A, 0x56, 0x43, 0x41, 0x4C, 0x45, 0x4E, 0x44, 0x41, 0x52}
if len(data) < 15 {
return false
}
return bytes.Equal(data[:15], signature)
}API Endpoint
GET
/api/v1/ics
curl https://filesignature.org/api/v1/ics