Szerteszana²

grin agymenései
Taggalés web

Regular Expression (regex) debugger

2016-07-01 10:50 írta grin
This is highly technical, non-geeks run away, now.

Okay, no, just kidding, this is just a bookmark entry since this is so cool.

Regular expressions are part of the Zen™© of the Programming. They are patterns which are matched against a string and check whether there is a match or not, take parts of the string or similar.

Also, regexps are highly geeky because they are an absolutely unreadable mix of all kinds of punctiation. Simple regexes are easy to write and easy to understand, however there are some whose complexity requires more understanding than one can spare for an average human lifetime.

Here come the RegEx debuggers. Funny, I almost have used none so far, maybe I like to break my brain on them. Anyway, there was one which was full of "meta matches" (?:) and recursive groups (eek), and I was looking for the easy way and googled "regex debugger". Found a lot of interesting but not that useful one, but then…

This.

Nice. Syntax diagram of the regexp.

Enable password saving in web forms

2013-05-23 10:27:04 írta grin
Some people just cannot get it.
I do not get into password security theory right now, it has been well debated to death already. Basically the best way – in my not-so-humble opinion – is to use different, long and random passwords everywhere (at least on the web) and store them in a secure password manager program protected with one very strong, but memorizable master password. (Unfortunately there are lots of programs and web services around offering password management while utilising security in horrible ways, including unsafe or weak encryption, transferring live passwords on the net, sometimes even unencrypted, or storing the cleartext passwords in an olnline database. It is really hard to find one which is secure, cryptographically sound and trusted. And don't get me started with online news articles written by miners and shoemakers playing mad scientist for the masses, telling which program is good and which is not; they can't even spell cryptography, let alone understand what it means. But that's a topic for another day.)
So I advise you to use a secure password storage, with long random passwords, lots of them.
For the web, the easiest way to use a browser with a secure storage. Firefox have one, if you use a strong master password it's quite safe (well, not Fort Knox, but "pretty good").
Sometimes you want to use external password manager, or anything which cannot autofill the form: there you retrieve the long random noise and try to copy it into the password field. Easy, quite secure (as long as you trust your copy buffer, but then again this is a different topic altogether; I do not start to talk you about swap files - security is a bitch).
So, here come the people who cannot get it.
Some people think it is really smart to disable browser password saving. Completely. For everyone. They think it's better to use memorizable "secure" passwords than long random ones. Or maybe they want to laugh at you trying to type them in. So they include shit on their webpage like "autofill=no" attributes. Nasty.
Others think that you should not copy secure passwords, Allah knows what'd on their mind, if they had any. Setting onPaste="return false" and like on web forms. Double nasty.
So here's a script, which is an adoption of someone's script I saved long time ago. I am lazy to look it up, if you're the author you're welcome to tell me and I'll inlcude the credits. The script was updated to handle oncopy and onpaste.

In Firefox at least you create a new bookmark and copy the whole stuff into the URL. Anytime you need to save passwords, click on it, then start filling out.
Enjoy.

javascript:(function(){var%20ca,cea,cs,df,dfe,i,j,x,y;ca=cea=cs=oc=op=0;df=document.forms;for(i=0;i<df.length;++i){x=df[i];dfe=x.elements;if(x.onsubmit){x.onsubmit="";++cs;}if(x.attributes["autocomplete"]){x.attributes["autocomplete"].value="on";++ca;}if(x.onpaste){x.attributes.onpaste.value="";++op;}if(x.attributes["oncopy"]){x.attributes["oncopy"].value="";++oc}for(j=0;j<dfe.length;++j){y=dfe[j];if(y.attributes["autocomplete"]){y.attributes["autocomplete"].value="on";++cea;}if(y.attributes.onpaste){y.attributes.onpaste.value="";++op;}if(y.attributes["oncopy"]){y.attributes["oncopy"].value="";++oc;}}}alert("removed%20autocomplete=off%20from%20"+ca
+"%20and%20from%20"+cea+%20",%20and%20removed%20onsubmit%20from%20"+cs
+%20".%20after%20you%20type%20your%20password%20and%20submit%20the%20form,%20the%20browser%20will%20offer%20to%20remember%20your%20password."
+%20"%20also%20removing%20"+op+"%20onpaste%20and%20"+oc+"%20oncopy.")
})();


Taggalés web

Szerteszana²

grin agymenései