I've been working with JWTs lately and that means working with Base64URL format. (Ref: https://www.rfc-editor.org/rfc/rfc4648#section-5 ) This is essentially the same thing as normal Base64, but instead of '+' and '/', it uses '-' and '_', respectively. It also allows leaving off the training '=' padding characters.
So far, I've just been including polyfills like this: function base64url_decode(string $str): string { return base64_decode(str_pad(strtr($str, '-_', '+/'), (4 - (strlen($str) % 4)) % 4, '=')); } function base64_encode(string $str): string { return rtrim(strtr(base64_encode($str), '+/', '-_'), '='); } These work fine, but they create a LOT of string copies along the way which shouldn't be necessary. Would anyone mind if skipped RFC and just added `base64url_encode()` and `base64url_decode()` to PHP 8.3? Can hold a vote if anyone objects, but this seems fairly non-controversial. -Sara