The data URI spec does not define a size limit but says applications may impose their own.
Chrome - 2MB for the current document. Otherwise the limit is the in-memory storage limit for arbitrary blobs: if x64 and NOT ChromeOS or Android, then 2GB; otherwise, total_physical_memory / 5 (source).
Firefox - unlimited
IE ≥ 9 & Edge - 4GB
You also could use blob URLs, which have a 500Mb limit.
An example:
1. Alice constructs a data url with the base64 encoding of a zipped and encrypted document, submits it to her favorite URL shortener and gets a short URL back.
2. Alice transmits the short URL to Bob, perhaps as metadata in an cryptocurrency transaction.
3. Bob receives the short URL, navigates to it in a modern browser and extracts the data.
This is not anonymous unless the shortener is guaranteed anonymous, which it won't be.
I used to leave myself messages or short text snippets by requesting a nonexistent page on my website and adding the text as a GET query in the URL. I had my log autorotation set to email me logs after a day or two. So later in the week, when I wanted to retrieve the information, I could just search my email for the name of the nonexistent page, and the text would show up in the relevant access.log. It worked okay for what I needed and aside from the log setup (or grep'ing the apache logs) required no code.
A URL shortener as a method of data exchange.
The data URI spec does not define a size limit but says applications may impose their own.
Chrome - 2MB for the current document. Otherwise the limit is the in-memory storage limit for arbitrary blobs: if x64 and NOT ChromeOS or Android, then 2GB; otherwise, total_physical_memory / 5 (source). Firefox - unlimited IE ≥ 9 & Edge - 4GB
You also could use blob URLs, which have a 500Mb limit.
An example: 1. Alice constructs a data url with the base64 encoding of a zipped and encrypted document, submits it to her favorite URL shortener and gets a short URL back. 2. Alice transmits the short URL to Bob, perhaps as metadata in an cryptocurrency transaction. 3. Bob receives the short URL, navigates to it in a modern browser and extracts the data.
This is not anonymous unless the shortener is guaranteed anonymous, which it won't be.