应该执行什么字符替换,使基地64编码URL安全吗? [英] What character replacements should be performed to make base 64 encoding URL safe?
问题描述
在看的URL安全基地64编码,我发现这是一个非常不标准的东西。尽管建在PHP具有功能丰富的数字,没有一个网址安全基地64编码。在手册页 base64_en code()
,大部分意见建议使用该功能,包裹着 strtr函数的效率()
:
In looking at URL safe base 64 encoding, I've found it to be a very non-standard thing. Despite the copious number of built in functions that PHP has, there isn't one for URL safe base 64 encoding. On the manual page for base64_encode()
, most of the comments suggest using that function, wrapped with strtr()
:
function base64_url_encode($input)
{
return strtr(base64_encode($input), '+/=', '-_,');
}
唯一的Perl模块我能找到在这方面是的 MIME :: Base64编码:: URLSafe (的来源),它在内部执行以下替换:
The only Perl module I could find in this area is MIME::Base64::URLSafe (source), which performs the following replacement internally:
sub encode ($) {
my $data = encode_base64($_[0], '');
$data =~ tr|+/=|\-_|d;
return $data;
}
与上面的PHP函数,这个Perl版本滴'='(等于)字符完全,而不是用','(逗号)作为PHP做替换。相当于是一个填充字符,所以需要在德code中的Perl模块取代了他们,但这种差异使得两种实现方式不兼容。
Unlike the PHP function above, this Perl version drops the '=' (equals) character entirely, rather than replacing it with ',' (comma) as PHP does. Equals is a padding character, so the Perl module replaces them as needed upon decode, but this difference makes the two implementations incompatible.
最后,Python函数 urlsafe_b64en code(S )保持'='填充周围,促使有人竖起此功能删除其突出显示在谷歌结果的蟒蛇的base64网址安全:
Finally, the Python function urlsafe_b64encode(s) keeps the '=' padding around, prompting someone to put up this function to remove the padding which shows prominently in Google results for 'python base64 url safe':
from base64 import urlsafe_b64encode, urlsafe_b64decode
def uri_b64encode(s):
return urlsafe_b64encode(s).strip('=')
def uri_b64decode(s):
return urlsafe_b64decode(s + '=' * (4 - len(s) % 4))
这里的愿望是具有可以被包括在不经进一步编码的URL的字符串,因此开沟或的字符+,/,和=的翻译。由于没有一个定义的标准,什么是正确的方法是什么?
推荐答案
有确实出现了一个标准,它是 RFC 3548 ,第4节的基地64编码,URL和文件名安全字母的:
There does appear to be a standard, it is RFC 3548, Section 4, Base 64 Encoding with URL and Filename Safe Alphabet:
此编码是技术上完全相同
到previous之一,除了
62:Nd和63:RD字母字符,如
表2所示。
This encoding is technically identical to the previous one, except for the 62:nd and 63:rd alphabet character, as indicated in table 2.
+
和 /
应改为 - (减号)
和 _(understrike)
分别。任何不兼容的库应包装,以便它们符合RFC 3548。
+
and /
should be replaced by - (minus)
and _ (understrike)
respectively. Any incompatible libraries should be wrapped so they conform to RFC 3548.
请注意,这需要你URL连接code中的(垫)=
字符,但我preFER,超过URL编码 +
和 /
从标准的base64字母字符。
Note that this requires that you URL encode the (pad) =
characters, but I prefer that over URL encoding the +
and /
characters from the standard base64 alphabet.
这篇关于应该执行什么字符替换,使基地64编码URL安全吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!