Is my data or file uploaded to a server?

No. Encoding and decoding run entirely as JavaScript in your browser using FileReader and the native btoa/atob functions. Your text, files and images never leave your device, so it is safe for credentials, certificates and private images.

Does it handle Unicode and emoji correctly?

Yes. Text is encoded as UTF-8 bytes with TextEncoder before Base64 conversion, so accented characters, CJK text and emoji round-trip correctly rather than being corrupted by the legacy btoa byte limitation.

What is the URL-safe variant?

URL-safe Base64 replaces + with - and / with _ and drops padding, so the result can be used directly in URLs, JWTs and filenames. Toggle it on for encoding; decoding accepts both standard and URL-safe input automatically.

Can it convert an image to a data URI?

Yes. Drop an image or any file onto the encoder and it produces a data: URI you can paste straight into CSS or an img src. Decoding a data URI back shows an inline preview for images and offers a download for any file type.

Base64 Encode & Decode (Text, Files & Images) — Local

On this page

How to use it
Unicode & emoji
URL-safe variant
Files, images & data URIs
Why local matters
FAQ

How to encode and decode Base64

Base64 is the most common way to carry binary data through channels built for text — email attachments, JSON payloads, data URIs, JWTs and HTTP headers. This tool encodes and decodes it both ways, entirely inside your browser tab. Pick Encode or Decode with the toggle, type or paste into the left pane, and press Run; the result appears on the right, ready to copy or download. There is no upload, no queue and no account — every step is a local JavaScript operation that finishes instantly.

Encoding turns arbitrary bytes into a safe alphabet of 64 characters (A–Z, a–z, 0–9, + and /), with = padding so the length is a multiple of four. Decoding reverses that exactly. Because the transformation is defined by a fixed standard rather than a guess, the same input always produces the same output — which is precisely what you need when a token or a signature must match byte-for-byte.

Unicode and emoji, done right

The browser's built-in btoa function only understands characters in the Latin-1 range, so feeding it accented letters, CJK text or emoji throws an error or mangles the bytes. This tool avoids that trap by first encoding your text to UTF-8 with TextEncoder, then Base64-encoding the resulting bytes. Decoding does the reverse with TextDecoder. The upshot is that café, 日本語 and ☕ survive a full round-trip unchanged — something a naïve encoder gets wrong and an AI chatbot can silently corrupt.

Standard vs URL-safe Base64

Two characters in standard Base64 — + and / — are unsafe in URLs and filenames, and the = padding can be awkward too. The URL-safe variant (RFC 4648 §5) swaps them for - and _ and drops the padding, which is exactly what JWTs and many APIs use. Turn the toggle on when encoding to produce URL-safe output; when decoding, you do not need to choose — the tool accepts standard and URL-safe input interchangeably and restores any missing padding before decoding. There is also a Wrap 76 option that breaks long output into 76-character lines for classic MIME compatibility.

Files, images and data URIs

Base64 is how you embed an image directly in CSS, HTML or an SVG without a second network request. Drag any file or image onto the encoder and it reads the bytes locally with FileReader and emits a complete data: URI — for example data:image/png;base64,iVBOR… — that you can paste straight into a stylesheet or an <img src>. Going the other way, paste a data URI or raw Base64 into the decoder: if the bytes are an image the tool renders an inline preview and offers a one-click download, and for any other file type it reconstructs the original bytes so you can save them. All of this happens on your machine, so even a private screenshot or an internal asset never touches a server.

Why a local Base64 tool beats pasting into an AI

It is tempting to drop a string into a chatbot and ask it to "decode this Base64." For a throwaway value that is fine. For anything real it is a poor idea on two fronts. First, privacy: Base64 frequently wraps secrets — basic-auth headers, API keys, session tokens, certificates and private images. Sending that to a third-party model means it may be retained or used for training, and once it leaves your machine you have lost control of it. Second, correctness: a language model can transpose a character, mishandle padding, or "tidy" Unicode in ways that quietly break the value. A real codec applies the specification exactly and returns every byte.

gitime.dev is built around this distinction. Generating a one-off snippet is something AI does well. Processing your actual data — encoding, decoding, validating — belongs in a deterministic tool that runs where the data already lives: your browser tab. Nothing here phones home, so you can decode a token full of secrets without it ever touching a server.

Unicode-safe text via UTF-8 (TextEncoder/TextDecoder).
URL-safe variant for JWTs, URLs and filenames.
Files & images encode to data URIs; images decode to an inline preview.
Large inputs are chunked so big files do not overflow the call stack.
Everything stays on your device — no upload, no logging of content.

Frequently asked questions

Is my data or file uploaded?: No. Everything runs as JavaScript in your browser via FileReader and btoa/atob. Nothing leaves your device, so it is safe for credentials and private images.
Does it handle Unicode and emoji?: Yes. Text is encoded as UTF-8 before Base64, so accents, CJK and emoji round-trip correctly instead of being corrupted.
What is URL-safe Base64?: It replaces +// with -/_ and drops padding for use in URLs and JWTs. Decoding accepts both variants automatically.
Can it turn an image into a data URI?: Yes. Drop a file to get a data: URI; decode one back to an inline image preview plus a download.

Base64 Encode & Decode