Base64 encoding is a method of converting binary data or text into a text string using 64 printable ASCII characters. It's widely used for data transfer in web APIs, email attachments (MIME), embedding images in HTML/CSS, and storing complex data in text-based formats like JSON or XML.
How Does Base64 Work?
Base64 uses 64 characters: A-Z, a-z, 0-9, +, and /. Every 3 bytes (24 bits) of input data is converted into 4 Base64 characters (24 bits). If the input length isn't divisible by 3, padding characters (=) are added to make it so.
URL-Safe Base64
Standard Base64 uses + and / which can cause issues in URLs and file names. URL-safe Base64 replaces these with - and _ respectively, and removes padding = characters, making it safe for use in URLs, cookies, and file names.
Common Use Cases
- Data URLs: Embedding images directly in HTML/CSS (e.g.,
data:image/png;base64,...) - Authentication: JWT tokens, Basic Auth headers
- Email Attachments: MIME encoding for binary files in email
- API Responses: Transmitting binary data over JSON APIs
- Storing Binary Data: Saving files in text-based databases
Code Examples
JavaScript (Browser)
// Encode to Base64 (with Unicode support)
const text = "Hello, World! 🌍";
const encoded = btoa(unescape(encodeURIComponent(text)));
console.log(encoded); // SGVsbG8sIFdvcmxkISDwn4yN
// Decode from Base64
const decoded = decodeURIComponent(escape(atob(encoded)));
console.log(decoded); // Hello, World! 🌍
// URL-safe Base64
const urlSafe = encoded.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
console.log(urlSafe); // SGVsbG8sIFdvcmxkISDwn4yNNode.js
// Encode to Base64
const text = "Hello, World!";
const encoded = Buffer.from(text).toString('base64');
console.log(encoded); // SGVsbG8sIFdvcmxkIQ==
// Decode from Base64
const decoded = Buffer.from(encoded, 'base64').toString('utf-8');
console.log(decoded); // Hello, World!
// URL-safe Base64
const urlSafe = Buffer.from(text).toString('base64url');
console.log(urlSafe); // SGVsbG8sIFdvcmxkIQ (no padding)Python
import base64
# Encode to Base64
text = "Hello, World!"
encoded = base64.b64encode(text.encode()).decode()
print(encoded) # SGVsbG8sIFdvcmxkIQ==
# Decode from Base64
decoded = base64.b64decode(encoded).decode()
print(decoded) # Hello, World!
# URL-safe Base64
url_safe = base64.urlsafe_b64encode(text.encode()).decode()
print(url_safe) # SGVsbG8sIFdvcmxkIQ==PHP
<?php
// Encode to Base64
$text = "Hello, World!";
$encoded = base64_encode($text);
echo $encoded; // SGVsbG8sIFdvcmxkIQ==
// Decode from Base64
$decoded = base64_decode($encoded);
echo $decoded; // Hello, World!
// URL-safe Base64
$urlSafe = strtr($encoded, '+/', '-_');
$urlSafe = rtrim($urlSafe, '=');
echo $urlSafe; // SGVsbG8sIFdvcmxkIQ
?>Security Considerations
⚠️ Important: Base64 is NOT encryption! It's simply an encoding scheme that makes binary data text-safe. Base64-encoded data can be easily decoded by anyone. Never use Base64 alone to protect sensitive information. Use proper encryption methods (AES, RSA) for security-sensitive data.