Security vulnerabilities involved with Base64 encoded url
Base64Encode/Decode
is not developed for encrypt & transfer data securely
. Can use Base64
to transfer binderies / string contains special characters without interrupt the protocol or function as here mentioned
In your case you should use SSL
to make secure & encrypted connection between server & client
.
And also you can use RSA Encryption
method to encrypt your data, Before send. (SSL uses this algo)
When you come to API, There is a another point (Sniffing Security)
. You should provide a security layer to protect your data from modification on the middle way. Here most developers are using JWT Token Authentication
. By authenticating JWT
you can detect that the data is modified or not.
These are very common security tips. You can find more by googling following key words.JWT Token
,RSA Encryption
,SSl Certificate