Validator

Validator

Base64 validator online. Check if a string is valid Base64 instantly. Detect encoding issues, padding problems, and invalid characters free.

0 chars

Base64 String

Base64 Validation Rules

  • β€’ Characters: A-Z, a-z, 0-9, +, / (or - _ for URL-safe)
  • β€’ Padding: Up to 2 equals signs (=) at the end only
  • β€’ Length: Must be divisible by 4 (with padding)

Features

  • Validate Base64 string format
  • Detect invalid characters
  • Check padding correctness
  • Identify encoding issues
  • Real-time validation as you type
  • Detailed error messages with line/column info

Common Use Cases

  • Verify Base64 strings before decoding
  • Debug API responses with Base64 data
  • Check Base64 integrity after transmission
  • Validate user-submitted Base64 input
  • Test Base64 encoding implementations

Base64 Validation Rules

Base64 validation checks if a string conforms to Base64 encoding rules. Invalid Base64 causes decoding errors, data corruption, or security vulnerabilities.

Valid Base64 rules:

  • Character set - Only A-Z, a-z, 0-9, +, /, and = (padding)
  • Padding - Must end with 0, 1, or 2 = characters
  • Length - Must be divisible by 4 (after padding)
  • Whitespace - Typically ignored but may indicate errors

Common errors:

  • Invalid characters (e.g., @, #, !)
  • Incorrect padding (too many or missing =)
  • Length not divisible by 4
  • Whitespace in unexpected places

Why validate? Invalid Base64 can crash decoders, cause security issues (injection attacks), or silently corrupt data. Always validate Base64 from untrusted sources.

Examples

Valid - Valid Base64 string
SGVsbG8sIFdvcmxkIQ==
// Length: 20 (divisible by 4)
// Padding: correct (2x =)
Invalid - Invalid character (@)
SGVsbG8@IFdvcmxkIQ==
// Contains @ which is not in Base64 alphabet
Invalid - Incorrect padding
SGVsbG8sIFdvcmxkIQ===
// Too many = padding characters (should be 0, 1, or 2)
Invalid - Length not divisible by 4
SGVsbG8sIFdvcmxk
// Length: 16 (correct)
SGVsbG8sIFdvcmxkI
// Length: 17 (invalid, not divisible by 4)

Frequently Asked Questions

What characters are allowed in Base64?

Standard Base64 uses 64 characters: uppercase A-Z (26), lowercase a-z (26), digits 0-9 (10), plus (+), and slash (/). The equals sign (=) is used for padding. URL-safe Base64 replaces + with - and / with _.

Why does my Base64 string fail validation?

Common reasons: (1) Invalid characters (check for spaces, tabs, newlines), (2) incorrect padding (should be 0, 1, or 2 = characters), (3) length not divisible by 4, or (4) mixing standard and URL-safe Base64 characters.

Should Base64 strings contain newlines or spaces?

No. Strict Base64 has no whitespace. However, some formats (like PEM certificates) split Base64 into 64-character lines for readability. Most decoders ignore whitespace, but it's best to remove it for validation and consistency.

Can Base64 validation detect corrupted data?

No. Validation only checks format (correct characters, padding, length). It cannot detect if the content is corrupted. Even if Base64 is valid, the decoded binary data might be corrupted. Use checksums (MD5, SHA-256) to verify data integrity.

Is URL-safe Base64 valid for standard Base64 validators?

No. Standard Base64 validators will reject - and _ characters as invalid. URL-safe Base64 requires a separate validation rule. Always specify which Base64 variant you're validating (standard or URL-safe).