Question 1

What's the difference between encoding and encryption?

Accepted Answer

Encoding transforms data into a different format for transmission or storage - it's reversible without a key. Encryption transforms data to make it unreadable without a secret key. Base64 is encoding (decodable by anyone), AES is encryption (decodable only with the key). Never use encoding to protect sensitive data.

Question 2

Why does Base64 increase data size by 33%?

Accepted Answer

Base64 uses 64 characters to represent binary data. Each Base64 character encodes 6 bits (2^6 = 64). Three bytes (24 bits) become four Base64 characters (24 bits / 6 = 4). The 4/3 ratio ≈ 1.33 explains the 33% increase. With padding (=), the increase can reach 37%.

Question 3

What is URL encoding and when should I use it?

Accepted Answer

URL encoding converts characters unsafe for URLs into %XX sequences. Use it for: query parameters containing special characters, filenames with spaces, user data in URLs, and any character outside ASCII. Spaces become %20 (or +), accents like é become %C3%A9.

Question 4

How do I prevent XSS attacks with HTML encoding?

Accepted Answer

Encode all untrusted data before HTML insertion. Convert  to >, & to &, " to ", ' to '. Apply this encoding server-side before rendering. Modern frameworks (React, Vue, Angular) escape automatically, but beware of dangerouslySetInnerHTML or v-html.

Question 5

What is Base64URL and how does it differ from Base64?

Accepted Answer

Base64URL is a URL-safe variant. It replaces + with - and / with _ because these characters have special meanings in URLs. Padding (=) is often omitted. Base64URL is used in JWTs (JSON Web Tokens), file identifiers, and anywhere Base64 appears in a URL.

Question 6

Why are my accented characters displaying incorrectly?

Accepted Answer

This is usually a character encoding mismatch. Ensure that: the source file is UTF-8, HTTP headers specify charset=utf-8, the meta charset tag is present, and the database uses utf8mb4 (not utf8 which doesn't support all emojis). Most issues come from inconsistency between these elements.

Question 7

How do I encode images to Base64 for the web?

Accepted Answer

Convert the image to Base64 and use a data URI: data:image/png;base64,[data]. Advantages: fewer HTTP requests, works offline. Disadvantages: increases HTML size by 33%, no caching, slows parsing. Recommended only for small images (<10KB) like icons or placeholders.

Question 8

What is double encoding and how do I avoid it?

Accepted Answer

Double encoding occurs when already-encoded data is encoded again. For example, %20 becomes %2520. This happens when multiple code layers apply URL encoding. Solution: encode only once, at the point of URL insertion. Check your frameworks - some encode automatically.

Question 9

Do JWTs use Base64 or Base64URL?

Accepted Answer

JWTs use Base64URL (RFC 4648). A JWT has three parts separated by dots: header.payload.signature. Each part is Base64URL encoded. To decode a JWT, split by the dot, then decode each segment as Base64URL. Remember that the payload is not encrypted, only encoded.

Question 10

How do I handle encoding in REST APIs?

Accepted Answer

Use UTF-8 everywhere and specify it in Content-Type: application/json; charset=utf-8. Binary data must be Base64 in JSON. Encode URL parameters client-side. Validate and escape inputs server-side. Clearly document expected encoding in your API. Consistency is key.

Question 11

What is MIME and how does it relate to Base64?

Accepted Answer

MIME (Multipurpose Internet Mail Extensions) defines content formats for email and HTTP. Base64 is used in MIME to encode binary attachments into email-compatible ASCII text. The Content-Transfer-Encoding: base64 header indicates this format. This is why email attachments are often Base64.

Question 12

Why are some characters reserved in URLs?

Accepted Answer

URLs have strict syntax (RFC 3986). Reserved characters have special roles: / separates paths, ? starts parameters, & separates parameters, = links key and value, # marks a fragment. If these characters are part of your data, they must be encoded to avoid ambiguity.

Question 13

How does emoji encoding work?

Accepted Answer

Emojis are Unicode characters and can take up to 4 bytes in UTF-8. The 😀 emoji is code point U+1F600, encoded in UTF-8 as F0 9F 98 80. In URLs, this becomes %F0%9F%98%80. In HTML, you can use &#128512; or &#x1F600;. Databases must use utf8mb4, not utf8.

Question 14

What is percent-encoding?

Accepted Answer

Percent-encoding represents a byte as %XX where XX is the hexadecimal value. This is the mechanism behind URL encoding. For example, space (ASCII 32, hex 20) becomes %20. Multi-byte UTF-8 characters generate multiple %XX sequences. It's standardized in RFC 3986 for URIs.

Question 15

How do I decode a Base64 string with padding?

Accepted Answer

Base64 padding (= or ==) adjusts length to be a multiple of 4. One = means 2 bits of padding, == means 4 bits. To decode: ignore padding, decode remaining characters, ignore excess bits. Most libraries handle this automatically. In JavaScript, use atob() to decode.

Question 16

What's the difference between escape(), encodeURI(), and encodeURIComponent()?

Accepted Answer

escape() is deprecated - don't use it. encodeURI() encodes a complete URL but preserves structural characters (://?#). encodeURIComponent() encodes everything except alphanumerics - use it for individual parameters. Example: encodeURIComponent('a=1&b=2') gives 'a%3D1%26b%3D2'.

Question 17

How do I test if a string is valid Base64?

Accepted Answer

A valid Base64 string: contains only A-Za-z0-9+/= (or -_ for Base64URL), has length that's a multiple of 4 (with padding), padding (=) appears only at the end (max 2). In JavaScript, try atob(str) in a try-catch. A regex can verify format but not validity of decoded content.

Question 18

Why doesn't HTML encoding encode all characters?

Accepted Answer

HTML encoding targets dangerous or ambiguous characters:  prevent tag injection, & avoids conflicts with entities, " ' secure attributes. Other characters (letters, numbers) are safe in HTML. Encoding everything would be inefficient and unreadable. Context determines what needs encoding.

Text Encoder/Decoder

How to Use the Text Encoder/Decoder

Complete Guide to Text Encoding

What Is Base64 Encoding?

URL Encoding and Reserved Characters

HTML Entities and XSS Prevention

Character Encoding: UTF-8 and Unicode

Base64 Use Cases

Security and Encoding: What You Need to Know

Debugging and Developer Tools

Encoding Best Practices

library_booksLearn More

Related Articles

Related Tools

Frequently Asked Questions About Text Encoding

We value your privacy