feat(isBase64): improve base64 validation based on RFC4648#2491
Merged
WikiRik merged 1 commit intovalidatorjs:masterfrom Mar 26, 2025
Merged
feat(isBase64): improve base64 validation based on RFC4648#2491WikiRik merged 1 commit intovalidatorjs:masterfrom
WikiRik merged 1 commit intovalidatorjs:masterfrom
Conversation
WikiRik
reviewed
Nov 2, 2024
add padding to the option list update regexes to support validation with/without padding update default options to keep the changes backward compatible add new test to cover different scenarios
WikiRik
reviewed
Nov 2, 2024
Member
WikiRik
left a comment
WikiRik
left a comment
There was a problem hiding this comment.
Thanks for the quick updates. I'll need to take some more time for a proper review, but on initial look this should be good so I'll request some additional reviewers already
rubiin
approved these changes
Nov 2, 2024
Contributor
Author
rubiin
requested review from
a team and
profnandaa
and removed request for
a team
Contributor
Author
|
UP |
WikiRik
approved these changes
Mar 26, 2025
This was referenced Mar 27, 2025
|
Just a heads up this caused a stack overflow issue in our app.
... Sorry, if I can create a reproducible scenario I will open an issue. |
|
The regular expression used here can cause a ReDoS on large strings. The old implementation was more efficient because the iteration was handled by JS, not by the RegEx. |
Member
|
Feel free to open a new PR with an improved version |
KrayzeeKev
pushed a commit
to KrayzeeKev/validator.js
that referenced
this pull request
Jul 14, 2025
KrayzeeKev
pushed a commit
to KrayzeeKev/validator.js
that referenced
this pull request
Jul 14, 2025
4 tasks
Contributor
|
I've created #2574 to resolve the stack overflow issue |
rubiin
pushed a commit
that referenced
this pull request
Aug 27, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add padding to the options list.
Update regexes to support validation with and without padding.
Update default options to maintain backward compatibility.
Add new tests to cover various scenarios.
In the previous version, only Base64 strings with padding and URL-safe Base64 strings without padding were validated. However, according to RFC4648, both standard and URL-safe Base64 variants can be valid with or without padding. Therefore, this version supports four validation combinations—standard with padding, standard without padding, URL-safe with padding, and URL-safe without padding—while maintaining backward compatibility.
Checklist