We should consider normalizing a Base64url hash to a Base64 hash so that we decode the hash once using WTF::base64Decode() instead of attempting to decode a Base64url hash twice: once using WTF::base64Decode() and once using using WTF::base64URLDecode().
<rdar://problem/26522835>
One edge cases here to be mindful of: an input containing a unique base64url and unique base64 character. That needs to continue to be an error.