Hacker Read

themstheones · 2012-07-31 15:31:17+00:00

What's to stop someone from storing a base 64 encoded image in a text field?

josefx | karma 4586 | avg karma 2.35 · | 2024-03-26 06:27:56

base64 encoded fields it is.

JoyrexJ9 | karma 125 | avg karma 2.5 · | 2021-02-17 16:24:19+00:00

How far do you take that line of reasoning? Base64 is text?

bhl | karma 1344 | avg karma 3.96 · | 2020-01-10 05:41:51

Why save images inline? The src wouldn’t be human readable if it’s base 64 encoded.

Flam | karma 189 | avg karma 1.91 · | 2012-08-12 19:35:35+00:00

I removed the image completely now courtesy of another commenter. Anyhow, wouldn't base64 be cheating? ;)

uptown | karma 76445 | avg karma 11.62 · | 2013-07-15 13:56:19+00:00

It's a base64 encoded image. What's the big deal?

adtac | karma 4292 | avg karma 4.8 · | 2016-11-08 14:36:22+00:00

Am I allowed to Base64 encode the image into the HTML document?

AtHeartEngineer | karma 233 | avg karma 1.99 · | 2020-06-20 13:45:01+00:00

Why did you base64 it? I was expecting an image, but if it's just text, why didnt you just post the text?

hyperhello | karma 693 | avg karma 3.24 · | 2024-01-13 22:59:58

What if you Base64 encode this? Pretty trivial to add to the form logic.

gecko_dude | karma 3 | avg karma 1.5 · | 2011-06-12 14:44:38+00:00

I understood his post perfectly well. By using base64 to store passwords is just as bas as storing them in plain text, because you only rely on the good will of the person who has access to them.

When dealing with security, this sort of practice should be avoided at all costs e.g. a sacrifice to the functionality of your product.

reply

stop50 | karma 534 | avg karma 0.54 · | 2024-06-23 19:37:36

Usually they encode anything except plain text with base64 since it is safe from these problems.

loopz | karma 2044 | avg karma 0.95 · | 2021-12-31 05:01:37

Base64 is a well-known plain-text encoding format. Using it as an encryption format violates privacy laws.

sethammons | karma 7497 | avg karma 2.33 · | 2021-04-28 22:31:43

Images can be base64 encoded into emails

Someone | karma 30129 | avg karma 2.33 · | 2011-01-17 18:27:52+00:00

1. The decoded Base64 data is smaller (three quarters of the size?) than the encoded data.

2. Keeping only the encoded data would mean having to decode it every time the image gets redisplayed.

Ideally, one would remove the Base64 coded data from the document, and cache the binary data.

reply

macspoofing | karma 9547 | avg karma 2.45 · | 2023-01-09 13:50:56

Base 64 is fine - he just needs to url-encode the parameter.

nextaccountic | karma 4934 | avg karma 2.25 · | 2021-10-25 21:38:10

Is the base64 in there actually a measure intended to stop copyright infringement? It can't be, base64 is completely transparent. The reason things are encoded in base64 is so that they can be transmitted in a subset of ascii (and thus be embedded in plain text formats like html).

ISO-morphism | karma 633 | avg karma 5.46 · | 2020-03-06 15:27:57

Base64 encode, no such thing as text-only.

rmc | karma 15660 | avg karma 2.36 · | 2012-07-31 09:20:39

This has 2 problems:

* You can base64 encode any file, so it'll look like text. Limitations on message size might solve that.

* Sometimes, photos and videos are important. Think of the Abu Ghraib torture pictures, the Tianamen Square Tank Man. Sometimes photos & videos are censored and should be shared with the world.

reply

vlfig | karma 86 | avg karma 4.3 · | 2021-02-24 23:09:58+00:00

Base64 padding, probably.

SigmundA | karma 3035 | avg karma 2.25 · | 2019-05-03 18:13:07+00:00

Are you talking about text? No base64 is not an efficient way to store raster images, neither is vector markup.