The Content-MD5 header and ContentMD5Value parameter are used as a message
integrity check to verify that the decoded data received is the same data that was initially
When you use the SubmitFeed operation, you must create an MD5 hash of
the HTTP entity body, and include it in your request. You should include the hash in a
ContentMD5Value parameter. This lets Amazon Marketplace Web Service (Amazon MWS)
compare the MD5 hash you create with the MD5 hash it creates when it receives the feed. Amazon MWS can then determine if the feed submitted for processing is
identical to the feed that was received. This process prevents corrupted descriptive data or
pricing product data from appearing in Amazon product listings.
For backward compatibility, you can still include the hash in the Content-MD5 header when
calling SubmitFeed. Passing the MD5 value as a SubmitFeed
parameter instead of a header means that the MD5 hash is included in the method signature, which
prevents anyone on the network from tampering with the feed content. Passing a Content-MD5 header
prevents accidental corruption but not intentional tampering.
When you use the GetFeedSubmissionResult operation, you must calculate
an MD5 hash for the received feeds report and compare that with the Content-MD5 header that is
included in the response. If the two match, the report was not corrupted in transmission.
The Amazon MWS client libraries provide an easy way to pass in the
Content-MD5 hash with every Amazon MWS request, as long as you send
data that has been stored on disk and an MD5 hash has been created for the data. For more
information about working with the Content-MD5 header, see Working with Content-MD5 checksums.