Comment 12 for bug 1619675

I guess we need to check for the existence of Content-MD5 in a response and only use it when it exists. When it doesn't exist we should log a warning that it's not being validated, and then hopefully in the future we just always receive Content-MD5.