4

As I understand, TCP has a relatively reliable checksum mechanism, but there is a very small yet present chance of it returning a false positive.

Does HTTP use an application level checksum (perhaps a hash)? If not, why?

Improve this question

1 Answer 1

Reset to default
5

Yup (: the specs for HTTP/1.1 (RFC 2616) allow the use of a Content-MD5 header. Take a look at its section 14.15.

Copy-pasted:

The Content-MD5 entity-header field, as defined in RFC 1864 [23], is an MD5 digest of the entity-body for the purpose of providing an end-to-end message integrity check (MIC) of the entity-body.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

That's just for the payload (and also, deprecated).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.