应该执行什么角色替换来使基础64编码URL安全？ [英] What character replacements should be performed to make base 64 encoding URL safe?

问题描述

在查看URL安全基础64编码时，我发现它是非常非标准的。尽管PHP拥有丰富的内置函数，但是没有一个用于URL安全基础64编码。在 base64_encode（） 的手册页面上，大多数评论建议使用该功能，用 strtr（）包装：

In looking at URL safe base 64 encoding, I've found it to be a very non-standard thing. Despite the copious number of built in functions that PHP has, there isn't one for URL safe base 64 encoding. On the manual page for base64_encode(), most of the comments suggest using that function, wrapped with strtr():

function base64_url_encode($input)
{
     return strtr(base64_encode($input), '+/=', '-_,');
}

我可以在这个区域找到唯一的Perl模块是 MIME :: Base64 :: URLSafe （ 来源） ，它在内部执行以下替换：

The only Perl module I could find in this area is MIME::Base64::URLSafe (source), which performs the following replacement internally:

sub encode ($) {
    my $data = encode_base64($_[0], '');
    $data =~ tr|+/=|\-_|d;
    return $data;
}

与上面的PHP函数不同，此Perl版本删除'=' ）字符，而不是像PHP那样用'，'（逗号）替换它。等于是一个填充字符，所以Perl模块在解码时根据需要替换它们，但是这种差异使得两个实现不兼容。

Unlike the PHP function above, this Perl version drops the '=' (equals) character entirely, rather than replacing it with ',' (comma) as PHP does. Equals is a padding character, so the Perl module replaces them as needed upon decode, but this difference makes the two implementations incompatible.

最后，Python函数 urlsafe_b64encode（s）保持'='填充，促使某人放下< a href =http://snipplr.com/view/15110/urlsafe-base64-functions/ =nofollow noreferrer>此功能删除在Google结果中显着突出显示'python base64 url​​ safe'：

Finally, the Python function urlsafe_b64encode(s) keeps the '=' padding around, prompting someone to put up this function to remove the padding which shows prominently in Google results for 'python base64 url safe':

from base64 import urlsafe_b64encode, urlsafe_b64decode

def uri_b64encode(s):
    return urlsafe_b64encode(s).strip('=')

def uri_b64decode(s):
    return urlsafe_b64decode(s + '=' * (4 - len(s) % 4))

这里的需求是将一个可以包含在URL中的字符串，而不需要进一步的编码，因此，翻译或翻译的字符'+'，'/'和'='。由于没有一个定义的标准，正确的方法是什么？

The desire here is to have a string that can be included in a URL without further encoding, hence the ditching or translation of the characters '+', '/', and '='. Since there isn't a defined standard, what is the right way?

推荐答案

作为标准，它是 RFC 3548 ，第4节，基本64编码使用URL和文件名安全字母表：

There does appear to be a standard, it is RFC 3548, Section 4, Base 64 Encoding with URL and Filename Safe Alphabet:

这个编码在技术上与前一个相同，
除外
62：nd和63：rd字母，如表2所示，
。

This encoding is technically identical to the previous one, except for the 62:nd and 63:rd alphabet character, as indicated in table 2.

+ 和 / 应替换为 - （减号）和<$分别为c $ c> _（下滑）。任何不兼容的库都应该被包装，以符合RFC 3548。

+ and / should be replaced by - (minus) and _ (understrike) respectively. Any incompatible libraries should be wrapped so they conform to RFC 3548.

请注意，这要求您将URL编码为（pad）= 字符，但我更喜欢通过标准base64字母表中的 + 和 / 字符的URL编码。

Note that this requires that you URL encode the (pad) = characters, but I prefer that over URL encoding the + and / characters from the standard base64 alphabet.

这篇关于应该执行什么角色替换来使基础64编码URL安全？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！