File upload fields are one of the most vulnerable elements in a Drupal form, highly prone to hack attempts. So these have to undergo thorough rounds of testing to make sure the data that goes in is perfectly safe.
Here are some test cases to help you with this:
- Ensure that a warning message (like "The selected file cannot be uploaded. Only files with the extensions given in the help text are allowed") is displayed when we try to upload a file type that is not supported.
- Ensure that proper error message is shown while trying to upload files of size lesser than the minimum limit and greater than the max limit specified.
- Ensure that files of correct extension and size can be uploaded to the site.
- Ensure that user can edit/delete the uploaded file.
- Ensure that the file viewed is the same one uploaded.
These should help you get started. Do let me know through the Comments box below if you have something more to add to this checklist. Happy Testing!