Why should you base64 encode the Authorization header?

Question

Twitter\'s API requires sending an Authorization header that is a base64 encoding of an API key concatenated with an API secret key. In Node, I use:

var base64 =         


        

Answer 1

The string should be base64 encoded, not for security, but to encode non-HTTP-compatible characters into HTTP-compatible characters that may be in the username or password.