Base64 URL path segments
Unknown data in URL paths can result in invalid URLs, but base64url is designed to be URL-safe.
VCL
Use this solution in your VCL service (click RUN below to test this solution or clone it to make changes):
Compute@Edge
Use this solution in your Compute@Edge service:
- Rust
lazy_static! { static ref RE: Regex = Regex::new(r"/views/(?P<path>[^/]*)").unwrap(); }
let url = "/views/zqzOu8-GzrE=/path/filename.html";
if let Some(encoded) = RE .captures(&url) .and_then(|cap| cap.name("path")) .map(|p| p.as_str().to_owned()) { let decoded = base64::decode_config(encoded, base64::URL_SAFE)?; assert_eq!(decoded, "άλφα".as_bytes()); }
// When base64-encoded material is sent as a part of a URL, the `encode_config` and // `decode_config` functions should be used, specifying that we want to use a character // set that is safe for use in URL's. // // `URL_SAFE_NO_PAD` can also be used to omit `=` padding. For example, the segment path // in this demo is encoded like this: assert_eq!( base64::encode_config( "from=06/07/2013 query=\"Καλώς ορίσατε\"", base64::URL_SAFE_NO_PAD ), "ZnJvbT0wNi8wNy8yMDEzIHF1ZXJ5PSLOms6xzrvPjs-CIM6_z4HOr8-DzrHPhM61Ig" );
// The normal base64 encoding of this text would include characters invalid in a URL path. // See below: assert_eq!( base64::encode_config("from=06/07/2013 query=\"Καλώς ορίσατε\"", base64::STANDARD), "ZnJvbT0wNi8wNy8yMDEzIHF1ZXJ5PSLOms6xzrvPjs+CIM6/z4HOr8+DzrHPhM61Ig==" );