Posts from Wednesday, October 27th, 2004

More Tools

Published 13 years, 3 months ago

For those who are interested, I’ve added some new stuff to the Tools page, in addition to reordering it just a little.  The first addition is a URL decoder/encoder, something I’ve needed from time to time when trying to unravel encoded-JavaScript bookmarklets.  I’m sure every other developer in the world has created his own version of this tool at some point; well, here’s mine.  The second new toolbox entry is for users of NetNewsWire 2: a small collection of themes.  There are three as of this posting, each with a very, very different aim—one artistic, one historical, and one technological.

Hopefully I’ll have more to add to the S5 portion of the toolbox in the near future.

  • Published
  • Categorized under Tools
  • No responses so far

Regular Expression Help

Published 13 years, 3 months ago

Some time ago, Simon Willison pointed out a very cool bookmarklet that helps solve the “I have one password for all my public sites” problem.  This is where someone picks a password they can remember, and then uses that as the password for their accounts on Amazon, eBay, Hotmail, Netflix, et cetera.  This is one of those things that security experts tell you never to do, and yet just about everyone does, because given the plethora of accounts most of us maintain, there’s no way we could keep track of which password goes with which account unless it was all written down somewhere… and that’s something the security experts insist that you never, ever do.

So the bookmarklet takes your ‘master password’, crosses it with the domain of the site, and generates an MD5-based result.  So let’s assume meyerweb had accounts.  You would fire off the bookmarklet, which would ask you type in your master password.  So let’s say your master password is ‘passwd’; this is combined with and the resulting password is 68573552.  On the other hand, if you just use, the result is 92938a6e

Now, while those aren’t the most secure possible passwords, they’re a lot more secure than ‘passwd’.  So I’d like to make use of this bookmarklet.  Fine, great.  The problem is what you just saw: the generated password changes if the full host and domain name bit changes.  This could be a problem if, say, suddenly starts routing all logins to a server named… or vice versa.  So I’d like to adapt the bookmarklet so it grabs just the domain and TLD (I probably got those terms wrong; I usually do) of a URL.  Problem is, I can’t write regular expressions for squat.  I don’t even understand how the regexp in the existing bookmarklet works.

So, a little help, please?  Given the form http://www.domain.tld/blah/foo/, I want the regexp to return just domain.tld.  Just leave a solution in the comments, and you’ll earn the respect and adulation of your peers.  At least those of them who read the comments.