Simon Willison’s Weblog

Django snippets: Sign a string using SHA1, then shrink it using url-safe base65. I needed a way to create tamper-proof URLs and cookies by signing them, but didn’t want the overhead of a full 40 character SHA1 hash. After some experimentation, it turns out you can knock a 40 char hash down to 27 characters by encoding it using a custom base65 encoding which only uses URL-safe characters. 27th August 2008, 10:18 pm

Crowdvine, iCalico, Pathable, a Study in Collusion. Stitching sites together around a single user database using subdomains and simple signed cookies. 12th July 2007, 11:09 pm