Closed mdimas closed 4 years ago
Yes, the spec notes (Section 6) that plaintext payloads must be UTF-8 --- it also notes they must be JSON objects, which is the goal of the high-level interface which is still TODO --- and recommends the use of base64url encoding to handle binary data. I will consider building some functionality into the library to help with that, but it's also something you can handle on your end. I'll leave this issue open though while I consider it.
Going to close this, requiring callers format data into utf-8
before using is not too much to ask for.
In the verify method the last thing it does is call `toString('utf-8') on the data buffer. https://github.com/sjudson/paseto.js/blob/master/lib/protocol/V2.js#L321
In our case our message is binary because we are sending a compressed message. The fact that it is returned as UTF-8 breaks the message and makes it impossible for us to unzip it.
Is there anything in the Paseto spec that says the message has to be UTF-8? If not can this default be removed? Either the original data buffer could be returned, or maybe an option can be provided to specify the content encoding.
Thanks, Mark