If this were possible to do prior to posting a form, it may save me having to upload the file to my server...

To do that you would have to load the file's binary information into JavaScript. Which is not possible.

But here's an implementation of SHA1 in JavaScript.

Actually you can read the contents of a client-side file now, as long as it's chosen in a file upload field and you are using Firefox. See the input.files array. You can then indeed hash it, although it might be rather slow.

See How would I get a Hash value of a users file with Javascript or Flash? for an example and a compact SHA-1 implementation.

It is possible to use SHA1, though performance isn't going to be the best...

For anything over a few hundred KB's you will have to run some benchmarks and determine if indeed its a viable solution.

See this link for a good implementation (passpack and quite a few OS projects use it)

Edit: As other have already replied, actually getting the file contents may be a whole different matter - so unless you use something like Google Gears or Adobe AIR it should be virtually impossible.

One can read their local file using the HTML5 File interface: https://developer.mozilla.org/en-US/docs/Web/API/File

And then you can use a library for like Crypto.js https://code.google.com/p/crypto-js/ to finish the hash over the read text.

No, you can't access a file from a local computer using JavaScript .

You're going to have to upload it first to the server, then checking the checksum of the file.

Not natively, no, and this is a bad idea anyway. Every byte in the file will have to be loaded into memory by Javascript, and you'd need a way to get it there.

If you must do this and you've got a way to put the file's binary information into your script, then there's plenty of third-party scripts you can use. Here's one, for example.

You could do this with a Java applet. I've never used any of them, but there are quite a few Java upload applets out there. The hash algorithm itself is available with Java and can be accessed through java.security.MessageDigest. If the client doesn't have the Java plug-in available you could just fail back to a regular upload and hash on the server.

A side note: depending upon why you're hashing the file you'll probably want to re-hash it on the server after the upload rather than trust the client.