Validator
Base64 validator online. Check if a string is valid Base64 instantly. Detect encoding issues, padding problems, and invalid characters free.
Base64 String
Base64 Validation Rules
- β’ Characters: A-Z, a-z, 0-9, +, / (or - _ for URL-safe)
- β’ Padding: Up to 2 equals signs (=) at the end only
- β’ Length: Must be divisible by 4 (with padding)
Features
- Validate Base64 string format
- Detect invalid characters
- Check padding correctness
- Identify encoding issues
- Real-time validation as you type
- Detailed error messages with line/column info
Common Use Cases
- Verify Base64 strings before decoding
- Debug API responses with Base64 data
- Check Base64 integrity after transmission
- Validate user-submitted Base64 input
- Test Base64 encoding implementations
Base64 Validation Rules
Base64 validation checks if a string conforms to Base64 encoding rules. Invalid Base64 causes decoding errors, data corruption, or security vulnerabilities.
Valid Base64 rules:
- Character set - Only A-Z, a-z, 0-9, +, /, and = (padding)
- Padding - Must end with 0, 1, or 2
=characters - Length - Must be divisible by 4 (after padding)
- Whitespace - Typically ignored but may indicate errors
Common errors:
- Invalid characters (e.g.,
@,#,!) - Incorrect padding (too many or missing
=) - Length not divisible by 4
- Whitespace in unexpected places
Why validate? Invalid Base64 can crash decoders, cause security issues (injection attacks), or silently corrupt data. Always validate Base64 from untrusted sources.
Examples
SGVsbG8sIFdvcmxkIQ==
// Length: 20 (divisible by 4)
// Padding: correct (2x =)SGVsbG8@IFdvcmxkIQ==
// Contains @ which is not in Base64 alphabetSGVsbG8sIFdvcmxkIQ===
// Too many = padding characters (should be 0, 1, or 2)SGVsbG8sIFdvcmxk
// Length: 16 (correct)
SGVsbG8sIFdvcmxkI
// Length: 17 (invalid, not divisible by 4)Frequently Asked Questions
Standard Base64 uses 64 characters: uppercase A-Z (26), lowercase a-z (26), digits 0-9 (10), plus (+), and slash (/). The equals sign (=) is used for padding. URL-safe Base64 replaces + with - and / with _.
Common reasons: (1) Invalid characters (check for spaces, tabs, newlines), (2) incorrect padding (should be 0, 1, or 2 = characters), (3) length not divisible by 4, or (4) mixing standard and URL-safe Base64 characters.
No. Strict Base64 has no whitespace. However, some formats (like PEM certificates) split Base64 into 64-character lines for readability. Most decoders ignore whitespace, but it's best to remove it for validation and consistency.
No. Validation only checks format (correct characters, padding, length). It cannot detect if the content is corrupted. Even if Base64 is valid, the decoded binary data might be corrupted. Use checksums (MD5, SHA-256) to verify data integrity.
No. Standard Base64 validators will reject - and _ characters as invalid. URL-safe Base64 requires a separate validation rule. Always specify which Base64 variant you're validating (standard or URL-safe).