credit_card_sanitizer 0.3.1 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/credit_card_sanitizer.rb +28 -18
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 931e6e4a5625866a098125ac6b7d19b48107f6ee
|
|
4
|
+
data.tar.gz: 95736bfd3c27a5807f3ae2527b5580e0f399f875
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 46b52b3e0a9906cef8969498fba3341a0e130407f21eb40d90b9e6e7edea2864fe7bddcc1e0f94638d856d7e9d8b7bffb84bd7a737f4bb32c7611672db429ebe
|
|
7
|
+
data.tar.gz: 06be394926ce1bd28c494669f85c0e577800d61d8bd3ebd442bf9739697aa789855f28fafbd4bcd542a0ba30fd7488a6d5d3bb977ea12025912742adbfda250d
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
|
|
3
3
|
require 'luhn_checksum'
|
|
4
|
+
require 'securerandom'
|
|
4
5
|
|
|
5
6
|
class CreditCardSanitizer
|
|
6
7
|
|
|
@@ -20,9 +21,10 @@ class CreditCardSanitizer
|
|
|
20
21
|
'laser' => /^(6304|6706|6709|6771(?!89))\d{8}(\d{4}|\d{6,7})?$/
|
|
21
22
|
}
|
|
22
23
|
VALID_COMPANY_PREFIXES = Regexp.union(*CARD_COMPANIES.values)
|
|
24
|
+
EXPIRATION_DATE = /\s(?:0?[1-9]|1[0-2])(?:\/|-)(?:\d{4}|\d{2})(?:\s|$)/
|
|
23
25
|
LINE_NOISE = /[^\w_\n,()\/:]{,5}/
|
|
24
|
-
|
|
25
|
-
NUMBERS_WITH_LINE_NOISE = /#{
|
|
26
|
+
SCHEME_OR_PLUS = /(\+|(?:[a-zA-Z][\-+.a-zA-Z\d]{,9}):\S+)/
|
|
27
|
+
NUMBERS_WITH_LINE_NOISE = /#{SCHEME_OR_PLUS}?\d(?:#{LINE_NOISE}\d#{LINE_NOISE}){10,17}\d/
|
|
26
28
|
|
|
27
29
|
attr_reader :replacement_token, :expose_first, :expose_last
|
|
28
30
|
|
|
@@ -60,16 +62,19 @@ class CreditCardSanitizer
|
|
|
60
62
|
to_utf8!(text)
|
|
61
63
|
|
|
62
64
|
redacted = nil
|
|
63
|
-
text.gsub!(NUMBERS_WITH_LINE_NOISE) do |match|
|
|
64
|
-
next match if $1
|
|
65
|
-
@numbers = match.tr('^0-9', '')
|
|
66
65
|
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
66
|
+
without_expiration(text) do
|
|
67
|
+
text.gsub!(NUMBERS_WITH_LINE_NOISE) do |match|
|
|
68
|
+
next match if $1
|
|
69
|
+
@numbers = match.tr('^0-9', '')
|
|
70
|
+
|
|
71
|
+
if valid_numbers?
|
|
72
|
+
redacted = true
|
|
73
|
+
redact_numbers!(match)
|
|
74
|
+
end
|
|
71
75
|
|
|
72
|
-
|
|
76
|
+
match
|
|
77
|
+
end
|
|
73
78
|
end
|
|
74
79
|
|
|
75
80
|
redacted && text
|
|
@@ -84,12 +89,12 @@ class CreditCardSanitizer
|
|
|
84
89
|
# Rails.app.config.filter_parameters = [:password, CreditCardSanitizer.parameter_filter]
|
|
85
90
|
#
|
|
86
91
|
# env = {
|
|
87
|
-
# "action_dispatch.request.parameters" => {"credit_card_number" => "
|
|
88
|
-
#
|
|
92
|
+
# "action_dispatch.request.parameters" => {"credit_card_number" => "4111 1111 1111 1111", "password" => "123"},
|
|
93
|
+
# "action_dispatch.parameter_filter" => Rails.app.config.filter_parameters
|
|
89
94
|
# }
|
|
90
95
|
#
|
|
91
96
|
# >> ActionDispatch::Request.new(env).filtered_parameters
|
|
92
|
-
# => {"credit_card_number" => "
|
|
97
|
+
# => {"credit_card_number" => "4111 11▇▇ ▇▇▇▇ 1111", "password" => "[FILTERED]"}
|
|
93
98
|
#
|
|
94
99
|
# Returns a Proc that takes the key/value of the request parameter.
|
|
95
100
|
def self.parameter_filter
|
|
@@ -107,10 +112,8 @@ class CreditCardSanitizer
|
|
|
107
112
|
end
|
|
108
113
|
|
|
109
114
|
def redact_numbers!(text)
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
text.gsub!(/\d/) do |number|
|
|
113
|
-
if within_redaction_range?(digit_index += 1)
|
|
115
|
+
text.gsub!(/\d/).with_index do |number, digit_index|
|
|
116
|
+
if within_redaction_range?(digit_index)
|
|
114
117
|
replacement_token
|
|
115
118
|
else
|
|
116
119
|
number
|
|
@@ -119,7 +122,14 @@ class CreditCardSanitizer
|
|
|
119
122
|
end
|
|
120
123
|
|
|
121
124
|
def within_redaction_range?(digit_index)
|
|
122
|
-
digit_index
|
|
125
|
+
digit_index >= expose_first && digit_index < @numbers.size - expose_last
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
def without_expiration(text)
|
|
129
|
+
expiration_date_boundary = SecureRandom.hex.tr('0123456789', 'ABCDEFGHIJ')
|
|
130
|
+
text.gsub!(EXPIRATION_DATE) { |expiration_date| "#{expiration_date_boundary}#{expiration_date}#{expiration_date_boundary}" }
|
|
131
|
+
yield
|
|
132
|
+
text.gsub!(expiration_date_boundary, '')
|
|
123
133
|
end
|
|
124
134
|
|
|
125
135
|
if ''.respond_to?(:scrub)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: credit_card_sanitizer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3.
|
|
4
|
+
version: 0.3.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Eric Chapweske
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2014-
|
|
13
|
+
date: 2014-11-17 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: appraisal
|