Some CDMs (e.g. PlayReady) generate session IDs in the format of base64 encoded. Currently Chromium only allows ASCII session IDs.

https://cs.chromium.org/chromium/src/third_party/blink/renderer/modules/encryptedmedia/media_key_session.cc?q=media_key_session.cc&dr&l=81

https://cs.chromium.org/chromium/src/media/blink/webcontentdecryptionmodulesession_impl.cc?type=cs&q=+media/blink/webcontentdecryptionmodulesession_impl.cc&sq=package:chromium&g=0&l=156

Based on EME spec:

"A Session ID is a unique string identifier generated by the CDM that can be used by the application to identify MediaKeySession objects."

(https://www.w3.org/TR/encrypted-media/#session-id)

"The user agent should thoroughly validate the sessionId value before passing it to the CDM. At a minimum, this should include checking that the length and value are reasonable (e.g., not longer than tens of characters and alphanumeric)."

(https://www.w3.org/TR/encrypted-media/#dom-mediakeysession-load)

We should either allow base64 encoded session IDs, or ask the key system to validate the session IDs.