All I'm suggesting is that when we look at how most people convert binary hash values to plain text, they usually do so with Hex rather than Base64. The latter is useful for many things, but mostly used when sending POST data. Base64 data often includes line wraps to fit in 80-char boundaries, but of course that'll muck up a GET request. Besides, as mentioned earlier everything in a GET query string is stored in Apache and most other web server logs, so if the query contains secrets it requires additional diligence to protect them. With POST only the URL is logged, but not the data.
Under what circumstances would you have a server deliver a hashed password at "downloading time"?
Is your server using HTTPS?