this post was submitted on 13 Sep 2025
69 points (89.7% liked)

Selfhosted

51408 readers
805 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
CannaVet@lemmy.world
Loki@lemmy.world
HybridSarcasm@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
69
Is there a self-hosted project that does url decoding in a privacy respecting fashion? (lemmy.zip)
submitted 17 hours ago* (last edited 17 hours ago) by ReedReads@lemmy.zip to c/selfhosted@lemmy.world
36 comments fedilink hide all child comments
 

Links are almost always base64 encoded now and the online url decoders always produce garbage. I was wondering if there is a project out there that would allow me to self-host this type of tool?

I'd probably network this container through gluetun because, yanno, privacy.

Edit to add: Doesn't have to be specifically base64 focused. Any link decoder that I can use in a privacy respecting way, would be welcome.

Edit 2: See if your solution will decode this link (the one in the image): https://link.sfchronicle.com/external/41488169.38548/aHR0cHM6Ly93d3cuaG90ZG9nYmlsbHMuY29tL2hhbWJ1cmdlci1tb2xkcy9idXJnZXItZG9nLW1vbGQ_c2lkPTY4MTNkMTljYzM0ZWJjZTE4NDA1ZGVjYSZzcz1QJnN0X3JpZD1udWxsJnV0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWJyaWVmaW5nJnV0bV9jYW1wYWlnbj1zZmNfYml0ZWN1cmlvdXM/6813d19cc34ebce18405decaB7ef84e41 (it should decode to this page: https://www.hotdogbills.com/hamburger-molds)

top 36 comments
sorted by: hot top controversial new old
[–] Finadil@lemmy.world 2 points 34 minutes ago* (last edited 29 minutes ago)

I mean... It's decoding into garbage because you're feeding it more than just the base64 section. I suppose if you're already running nginx or something you could easily make a page that uses javascript to break the link down (possibly using /, ?, = as separators) and decode sections that look like base64. If you make it javascript and client side there's not really any privacy concerns.

EDIT: Oops. My Lemmy client didn't load the other replies at first, I didn't realize you already had plenty of other options.

[–] Hawk@lemmy.dbzer0.com 21 points 7 hours ago

There is no such thing as a base64 encoded url. Part of an url might hold base64 encoded data, but never the url itself.

These online tools aren't working because you're using them wrong.

[–] amzd@lemmy.world 6 points 6 hours ago (1 children)

It’s 3 lines of code in basically every programming language, no need for selfhosting, just open the terminal?

[–] Cyber@feddit.uk 1 points 3 hours ago* (last edited 3 hours ago) (1 children)

~~Got an example in BASH?~~

Edit: someone else has a link

[–] Blemish5236@lemmy.world 4 points 1 hour ago

echo "base64 text" | base64 --decode

[–] FreedomAdvocate@lemmy.net.au 28 points 15 hours ago* (last edited 14 hours ago) (1 children)

That url isn’t base64 encoded. You can tell by the fact that it’s still a URL, and doesn’t decode……

[–] possiblylinux127@lemmy.zip 4 points 8 hours ago (1 children)

...that one little detail everyone missed

[–] irotsoma@lemmy.blahaj.zone 10 points 13 hours ago

Don't include the non-encoded part of the data or it will corrupt the decryption. The decoder can't tell the difference between data that's not encoded and data that is encoded since it's all text.

[–] hendrik@palaver.p3x.de 45 points 17 hours ago (1 children)

There's base64 -d on the command line.

[–] ReedReads@lemmy.zip 4 points 17 hours ago (4 children)

base64 -d

Right but the / in the url trips it up and I'd like to just copy/paste the full url and have it spit out the proper, decoded link.

[–] ExFed@programming.dev 25 points 16 hours ago* (last edited 16 hours ago) (1 children)

The / character isn't a part of the base64 encoding. In fact, only one part of the URL looks like base64. No plain base64 tool (whether via CLI, self-hosted, or otherwise) will be able to decode an entire URL like that. You'll first need to parse the URL to isolate the base64 part. This is literally solved with a single line of bash:

echo "https://link.sfchronicle.com/external/41488169.38548/aHR0cHM6Ly93d3cuaG90ZG9nYmlsbHMuY29tL2hhbWJ1cmdlci1tb2xkcy9idXJnZXItZG9nLW1vbGQ_c2lkPTY4MTNkMTljYzM0ZWJjZTE4NDA1ZGVjYSZzcz1QJnN0X3JpZD1udWxsJnV0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWJyaWVmaW5nJnV0bV9jYW1wYWlnbj1zZmNfYml0ZWN1cmlvdXM/6813d19cc34ebce18405decaB7ef84e41" | cut -d/ -f6 | base64 -d

See TIO for example.

edit: add TIO link

[–] ReedReads@lemmy.zip 11 points 16 hours ago (3 children)
  1. Thank you for this
  2. You know more than I do re: bash. Where can I learn what | cut -d/ -f6 | means? I assume the cut is the parsing? But maybe that is wrong? Would love to learn how to learn this.
[–] krnl386@lemmy.ca 5 points 9 hours ago* (last edited 9 hours ago) (1 children)

Try explainshell.com - you can paste in any oneliner and the site will parse it and explain each part.

Here’s the link

[–] Enoril@jlai.lu 1 points 2 hours ago

Really nice! Thanks for sharing this

[–] 30p87@feddit.org 9 points 13 hours ago

cut --help and man cut can teach you more than anyone here.

But: "|" takes the output of the former command, and uses it as input for the latter. So it's like copying the output of "echo [...]", executing "cut -d '/' -f 6", and pasting it into that. Then copy the output of "cut", execute "base64 -d" and paste it there. Except the pipe ("|") automates that on one line.

And yes, cut takes a string (so a list of characters, for example the url), split's it at what -d specifies (eg. cut -d '/' splits at "/"), so it now internally has a list of strings, "https:", "", "link.sfchronicle.com", "external", 41488169.38548", "aHR0cHM6Ly93d3cuaG90ZG9nYmlsbHMuY29tL2hhbWJ1cmdlci1tb2xkcy9idXJnZXItZG9nLW1vbGQ_c2lkPTY4MTNkMTljYzM0ZWJjZTE4NDA1ZGVjYSZzcz1QJnN0X3JpZD1udWxsJnV0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWJyaWVmaW5nJnV0bV9jYW1wYWlnbj1zZmNfYml0ZWN1cmlvdXM" and "6813d19cc34ebce18405decaB7ef84e41", and from that list outputs whatever is specified by -f (so eg. -f 6 means the 6th of those strings. And -f 2-3 means the 2nd to 3rd string. And -5 means everything up to and including the fifth, and 3- means everything after and including the third).

But all of that is explained better in the manpage (man cut). And the best way to learn is to just fuck around. So echo "t es t str i n g, 1" | cut ... and try various arguments.

[–] ccryx@discuss.tchncs.de 1 points 11 hours ago* (last edited 11 hours ago)

You can use man <command> (in this case man cut) to read a program's manual page. Appending --help (without any other arguments will often produce at least a short description of the program and list the available options.

[–] hendrik@palaver.p3x.de 5 points 16 hours ago* (last edited 16 hours ago) (1 children)

~~Well, the URL is a bit weird.~~

echo "aHR0cHM6Ly93d3cuaG90ZG9nYmlsbHMuY29tL2hhbWJ1cmdlci1tb2xkcy9idXJnZXItZG9nLW1vbGQ" | base64 -d

gives me "https://www.hotdogbills.com/hamburger-molds/burger-dog-mold". (Without the 's'.) And then there are about 176 characters left. I suppose the underscore is some delimiter. The rest is:

echo "c2lkPTY4MTNkMTljYzM0ZWJjZTE4NDA1ZGVjYSZzcz1QJnN0X3JpZD1udWxsJnV0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWJyaWVmaW5nJnV0bV9jYW1wYWlnbj1zZmNfYml0ZWN1cmlvdXM" | base64 -d

"sid=6813d19cc34ebce18405deca&ss=P&st_rid=null&utm_source=newsletter&utm_medium=email&utm_term=briefing&utm_campaign=sfc_bitecurious"

And I suppose the stuff after the last slash is there for some other reason, tracking or some hash or whatever. But the things before that are the URL and the parameters.

But the question remains whether we have some kind of tool to do this automatically and make it a bit easier...

[–] ReedReads@lemmy.zip 3 points 16 hours ago (1 children)

I really appreciate all of the time and effort you spent on this url. You're right, the url is weird, which is why I thought it was a good example.

But the question remains whether we have some kind of tool to do this automatically and make it a bit easier…

But you nailed it with this last sentence. Especially when one is on mobile.

Thanks for replying again.

[–] hendrik@palaver.p3x.de 2 points 15 hours ago* (last edited 15 hours ago)

I know. Guess I mainly wanted to say your given solution isn't the entire story and the potential tool should decode the parameters as well, they might or might not be important. I'm often at the computer and I regularly do one-off tasks this way... But I'm aware it might not be an one-off task to you and you might not have a Linux terminal open 24/7 either 😉 Hope some of the other people have what you need. And btw... since I clicked on a few of the suggestions: I think the thing called URL encoding is a something different, that's with all the percent signs and not base64 like here.

[–] carl_dungeon@lemmy.world 3 points 17 hours ago

Just put it in quotes?

[–] countzukula@lemmy.world 29 points 17 hours ago (1 children)

Cyberchef!

[–] hypna@lemmy.world 9 points 17 hours ago

Cyberchef does this and so so much more https://github.com/gchq/CyberChef

[–] liliumstar@lemmy.dbzer0.com 4 points 11 hours ago* (last edited 11 hours ago)

I wrote this little webapp thing some time ago. It's not exactly what you asked for but is a good example.

All it does is base64 encode a link and adds the server url in front of it. When someone visits that link it will redirect them to the destination. The intent is to bypass simple link tracking / blocking in discord and other platforms.

There are also checks for known bad domains and an attempt to remove known tracking query parameters.

https://git.tsps-express.xyz/liliumstar/redir

Edit: I forgot to add it also blocks known crawlers (at least at time of writing) so that they can't just follow the 302 and figure out where it goes.

[–] masterofn001@lemmy.ca 5 points 12 hours ago

I have nothing to add except the appreciation for everyone who helped and amazement at the vastly differing ways people produced working results.

[–] e0qdk@reddthat.com 12 points 15 hours ago (1 children)

There's something else going on there besides base64 encoding of the URL -- possibly they have some binary tracking data or other crap that only makes sense to the creator of the link.

It's not hard to write a small Python script that gets what you want out of a URL like that though. Here's one that works with your sample link:

#!/usr/bin/env python3

import base64
import binascii
import itertools
import string
import sys

input_url = sys.argv[1]
parts = input_url.split("/")
  
for chunk in itertools.accumulate(reversed(parts), lambda b,a: "/".join([a,b])):
  try:
    text = base64.b64decode(chunk).decode("ascii", errors="ignore")
    clean = "".join(itertools.takewhile(lambda x: x in string.printable, text))
    print(clean)
  except binascii.Error:
    continue

Save that to a file like decode.py and then you can you run it on the command line like python3 ./decode.py 'YOUR-LINK-HERE'

e.g.

$ python3 ./decode.py 'https://link.sfchronicle.com/external/41488169.38548/aHR0cHM6Ly93d3cuaG90ZG9nYmlsbHMuY29tL2hhbWJ1cmdlci1tb2xkcy9idXJnZXItZG9nLW1vbGQ_c2lkPTY4MTNkMTljYzM0ZWJjZTE4NDA1ZGVjYSZzcz1QJnN0X3JpZD1udWxsJnV0bV9zb3VyY2U9bmV3c2xldHRlciZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWJyaWVmaW5nJnV0bV9jYW1wYWlnbj1zZmNfYml0ZWN1cmlvdXM/6813d19cc34ebce18405decaB7ef84e41'
https://www.hotdogbills.com/hamburger-molds/burger-dog-mold

This script works by spitting the URL at '/' characters and then recombining the parts (right-to-left) and checking if that chunk of text can be base64 decoded successfully. If it does, it then takes any printable ASCII characters at the start of the string and outputs it (to clean up the garbage characters at the end). If there's more than one possible valid interpretation as base64 it will print them all as it finds them.

[–] ReedReads@lemmy.zip 3 points 15 hours ago

Wow, this is really helpful. Thank you!!

[–] mike_wooskey@lemmy.thewooskeys.com 14 points 16 hours ago (1 children)

IT-Tools is kind of fun: a web page full of common tools, converters, references, cheat sheets, etc.

[–] borth@sh.itjust.works 1 points 11 hours ago

This is amazing, thank you!

[–] vk6flab@lemmy.radio 6 points 17 hours ago

Use a bash command line:

https://stackoverflow.com/questions/6250698/how-to-decode-url-encoded-string-in-shell

[–] SkavarSharraddas@gehirneimer.de 3 points 15 hours ago

https://addons.mozilla.org/en-US/firefox/addon/redirect-bypasser-webextension/ in desktop Firefox seems to work for your link. For mobile there might be apps that you share the link to and they dissect it, but a very quick search didn't turn up anything.

[–] sneakyninjapants@sh.itjust.works 3 points 16 hours ago

CorentinTh/it-tools does that and a lot more

[–] FrostyPolicy@suppo.fi 2 points 17 hours ago

Try https://flathub.org/en/apps/me.iepure.devtoolbox