File signatures before filenames
Changing a filename extension does not change its bytes. This page checks common signatures for images, PDF, ZIP, gzip, MP3, and MP4, then proposes a download extension from the detected type. Unknown data remains application/octet-stream with a .bin extension.
Magic-byte detection is useful when an API returns only a Base64 field or when the data URL media type is missing. It is still a lightweight identification step, not full structural validation or antivirus scanning.
Download decoded bytes locally
The browser creates a temporary object URL for the decoded byte array. Nothing is uploaded, and the object URL is released when a new result replaces it or the page closes.
Treat unknown downloads as untrusted. Do not execute a recovered program, enable macros, or open an unfamiliar archive merely because its signature and extension look plausible.
Common failures this tool explains
- The Base64 text has invalid characters or impossible padding.
- The decoded file type is not in the signature table and is returned as .bin.
- The declared data URL MIME type disagrees with the file signature.
- The browser tab runs out of memory while holding a very large encoded and decoded copy.
Equivalent commands
Use the runtime or shell already available in your workflow. Validate untrusted input and keep binary output out of terminals when it may contain control bytes.
Python
from pathlib import Path
import base64
Path('decoded.bin').write_bytes(base64.b64decode(value, validate=True))
JavaScript
import { writeFileSync } from 'node:fs';
writeFileSync('decoded.bin', Buffer.from(value, 'base64'));
Shell
base64 --decode payload.base64 > decoded.bin
file decoded.bin