When I encode image data to a base64 string I use the server file path to get the image data with fs.readFile(). I have question: does this mean other people can decode the base64 string then get the server path from the encoded data as below?
当我将图像数据编码到base64字符串时,我使用服务器文件路径使用fs.readFile()获取图像数据。我的问题是:这是否意味着其他人可以解码base64字符串,然后从编码的数据中获取服务器路径,如下所示?
...
fs.readFile(destinationFilePath, function(error, data){
fulfill(data.toString('base64'));
});
I don't want to leak my server path to so I also tried encode the host url like below code, I'm not sure this correct way to use base64? and I don't get any error but also I got no response - did I miss something?
我不想泄漏我的服务器路径,所以我也尝试了像下面的代码那样对主机url进行编码,我不确定使用base64的正确方法是什么?我没有得到任何错误,但也没有得到任何响应——我是否漏掉了什么?
var base64EncodeData = function(destinationFilePath) {
return new Promise(function (fulfill, reject){
var request = require('request').defaults({ encoding: null });
request.get(destinationFilePath, function (error, response, body) {
if (!error && response.statusCode == 200) {
data = "data:" + response.headers["content-type"] + ";base64," + new Buffer(body).toString('base64');
console.log(data);
fulfill(data);
}
});
});
};
1 个解决方案
#1
4
No you don't leak your server path by base64 encoding images. The base64 you are generating only includes a base64 representation of the binary image data. Indeed by base64 encoding them you remove any use of a path when you display them within a HTML page for example:
不,您不会通过base64编码映像泄漏服务器路径。您正在生成的base64只包含二进制图像数据的base64表示。实际上,通过对它们进行base64编码,当您在HTML页面中显示它们时,您可以删除路径的任何使用,例如:
<img alt="base64 image" src="data:image/png;base64,isdRw0KGgot5AAANdSsDIA..." />
< img alt = " base64形象“src = "数据:图像/ png;base64,isdRw0KGgot5AAANdSsDIA……”/ >
The src attribute contains a flag that data is being provided data: the file mimetype image/png; the encoding base64, and the encoded image data isdRw0KGgot5AAANdSsDIA....
src属性包含有数据提供数据的标志:文件mimetype image/png;base64编码,编码图像数据isdRw0KGgot5AAANdSsDIA ....
#1
4
No you don't leak your server path by base64 encoding images. The base64 you are generating only includes a base64 representation of the binary image data. Indeed by base64 encoding them you remove any use of a path when you display them within a HTML page for example:
不,您不会通过base64编码映像泄漏服务器路径。您正在生成的base64只包含二进制图像数据的base64表示。实际上,通过对它们进行base64编码,当您在HTML页面中显示它们时,您可以删除路径的任何使用,例如:
<img alt="base64 image" src="data:image/png;base64,isdRw0KGgot5AAANdSsDIA..." />
< img alt = " base64形象“src = "数据:图像/ png;base64,isdRw0KGgot5AAANdSsDIA……”/ >
The src attribute contains a flag that data is being provided data: the file mimetype image/png; the encoding base64, and the encoded image data isdRw0KGgot5AAANdSsDIA....
src属性包含有数据提供数据的标志:文件mimetype image/png;base64编码,编码图像数据isdRw0KGgot5AAANdSsDIA ....