Skip to main content

Encoding and decoding arbitrary strings into strings that are safe to put into a URL query param.

Project description

Build Status Coverage Status

Query string safe Base64

Encoding and decoding arbitrary strings into strings that are safe to put into a URL query param.

The problem

urlsafe_b64encode and urlsafe_b64decode from base64 are not enough because they leave = chars unquoted:

>>> import base64

>>> base64.urlsafe_b64encode('a')
>>> 'YQ=='

And there are 2 problems with that

  1. = sign gets quoted:

>>> import urllib

>>> urllib.quote('=')
'%3D'
  1. Some libraries tolerate the = in query string values:

    from urlparse import urlsplit, parse_qs

    parse_qs(urlsplit(’http://aaa.com/asa?q=AAAA=BBBB=CCCC’).query) {‘q’: [‘AAAA=BBBB=CCCC’]}

but the RFC 3986 underspecifies the query string so we cannot rely on = chars being handled by all web applications as it is done by urlparse.

Therefore we consider chars: ['+', '/', '='] unsafe and we replace them with ['-', '_', '.']. Characters + and / are already handled by urlsafe_* functions from base64 so only = is left for us. The . character has been chosen because it often appears in real world query strings and it is not used by base64.

The solution

>>> import querystringsafe_base64

>>> querystringsafe_base64.encode('foo-bar')
>>> 'Zm9vLWJhcg..'

>>> querystringsafe_base64.decode('Zm9vLWJhcg..')
>>> 'foo-bar'

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

querystringsafe_base64-1.0.0.tar.gz (4.3 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page