Base64 URL-safe vs Standard Guide

1. Standard Base64 uses `+` and `/`, URL-safe uses `-` and `_`.

2. Keep padding rules explicit when exchanging across systems.

3. Normalize variant before signature or checksum calculations.

4. Avoid double-encoding values before URL transport.

5. Validate decoder behavior for missing padding edge cases.

6. Document expected variant in every API contract.