Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Sanitized, well formed JSON is generally not horribly URL encoded. It's typically less overhead than base64.
Also, for well formed JSON (not arbitrary JSON), it also works fine in HTTP headers. I think those two situations cover about 90% of use cases.
For example, here is a JSON payload URL encoded. It's not too bad, and much better than base64:
https://cyphr.me/coze#?input={%22pay%22:{%22msg%22:%22Hello%...
URL encoded that payload is 288 bytes, as base 64 it is 318 bytes. (Here's another tool just for that: https://convert.zamicol.com/#?inAlph=text&in=%257B%2522pay%2...)
Might I suggest Paseto (https://paseto.io/) - it solves a lot of the headaches of JWT. Signing and encryption are two different things that require two different sets of keys, so you can't mess it up.
(Full disclosure, I've written one implementation: https://github.com/auth70/paseto-ts)
Might I suggest Paseto (https://paseto.io/) - it solves a lot of the headaches of JWT. Signing and encryption are two different things that require two different sets of keys, so you can't mess it up.
(Full disclosure, I've written one implementation: https://github.com/auth70/paseto-ts)