Is this a good approach to address double-base64-encoding?
- by Freiheit
My software understands attachments, like PNGs attached to user records. These attachments are usually sent in from outside sources as a Base64 encoded string. The database stores whatever data it is given, Base64 encoded or not.
When I serve up the attachment for download I do this:
if (Base64.isBase64(data)) {
data = Base64.decodeBase64(data);
}
There is a potential for data that is double encoded. For instance the sender of a message had base64 encoded data, then encoded it again when building the message to send to me. I think the following code would address that circumstance:
while (Base64.isBase64(data)) {
data = Base64.decodeBase64(data);
}
So if data is encoded multiple times, it would be decoded until its in its 'raw' state and then served up for download.
Is this approach an acceptable way to address that problem?
Ideally some sort of checking could happen at the edge when I receive attachment data, but that will take more time. This looping seems to be a faster way to do it.
The 'Base64' library is Apache Commons: http://commons.apache.org/codec/apidocs/org/apache/commons/codec/binary/Base64.html I trust it to properly identify Base64 encoded data.