Is it possible for file corruption to occur during a form-based web page file upload? I'm talking about when an input of type "file" is submitted as part of a form and a file is saved somewhere on the server (usually in a server-app-defined temporary upload directory). If corruption is possible during this transfer, is there any way to tell without knowing a file's checksum before performing the upload and confirming that the checksum has not changed after the upload?
We all upload files to various sites on a regular basis without calculating checksums in advance. If there isn't some kind of check, are we risking corruption every time?
There should not be any corruption: TCP (HTTP's underlying transport) has built-in message integrity checking using checksums. Yes, there is a very small chance of a corrupted message having a correct checksum , but this is generally not worth going out-of-your-way to identify and correct. According to this paper ( http://dl.acm.org/citation.cfm?id=347561&dl=GUIDE&coll=GUIDE ) the odds of a corrupted packet being delivered are between 1-in-16 million to 1-in-10 billion packets. Most packets are about 1.4KB (due to Ethernet's MTU), so if your average uploaded file is 1MB then the risk of each 1MB upload being corrupted is between 1-in-2800 or 1-in-1.7million. That's quite a range, and the 1-in-2800 figure certainly gives me pause-for-thought, but it's your call.
TCP ensures that the packet will be resent if the recipient's network stack detects a corruption, this is transparent to the application using TCP, especially your browser-based application.
You could use HTTPS for greater message integrity security, by the way.