credit_card_sanitizer 0.3.1 → 0.3.2
- checksums.yaml +4 -4
- data/lib/credit_card_sanitizer.rb +28 -18
- metadata +2 -2
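--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 931e6e4a5625866a098125ac6b7d19b48107f6ee
+data.tar.gz: 95736bfd3c27a5807f3ae2527b5580e0f399f875
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 46b52b3e0a9906cef8969498fba3341a0e130407f21eb40d90b9e6e7edea2864fe7bddcc1e0f94638d856d7e9d8b7bffb84bd7a737f4bb32c7611672db429ebe
+data.tar.gz: 06be394926ce1bd28c494669f85c0e577800d61d8bd3ebd442bf9739697aa789855f28fafbd4bcd542a0ba30fd7488a6d5d3bb977ea12025912742adbfda250d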
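--- a/data/lib/credit_card_sanitizer.rb
+++ b/data/lib/credit_card_sanitizer.rb
@@ -1,6 +1,7 @@
 # encoding: utf-8
 
 require 'luhn_checksum'
+require 'securerandom'
 
 class CreditCardSanitizer
 
@@ -20,9 +21,10 @@ class CreditCardSanitizer
 'laser' => /^(6304|6706|6709|6771(?!89))\d{8}(\d{4}|\d{6,7})?$/
 }
 VALID_COMPANY_PREFIXES = Regexp.union(*CARD_COMPANIES.values)
+EXPIRATION_DATE = /\s(?:0?[1-9]|1[0-2])(?:\/|-)(?:\d{4}|\d{2})(?:\s|$)/
 LINE_NOISE = /[^\w_\n,()\/:]{,5}/
-
-NUMBERS_WITH_LINE_NOISE = /#{
+SCHEME_OR_PLUS = /(\+|(?:[a-zA-Z][\-+.a-zA-Z\d]{,9}):\S+)/
+NUMBERS_WITH_LINE_NOISE = /#{SCHEME_OR_PLUS}?\d(?:#{LINE_NOISE}\d#{LINE_NOISE}){10,17}\d/
 
 attr_reader :replacement_token, :expose_first, :expose_last
 
@@ -60,16 +62,19 @@ class CreditCardSanitizer
 to_utf8!(text)
 
 redacted = nil
-text.gsub!(NUMBERS_WITH_LINE_NOISE) do |match|
-next match if $1
-@numbers = match.tr('^0-9', '')
 
-
-
-
-
+without_expiration(text) do
+text.gsub!(NUMBERS_WITH_LINE_NOISE) do |match|
+next match if $1
+@numbers = match.tr('^0-9', '')
+
+if valid_numbers?
+redacted = true
+redact_numbers!(match)
+end
 
-
+match
+end
 end
 
 redacted && text
@@ -84,12 +89,12 @@ class CreditCardSanitizer
 # Rails.app.config.filter_parameters = [:password, CreditCardSanitizer.parameter_filter]
 #
 # env = {
-# "action_dispatch.request.parameters" => {"credit_card_number" => "
-#
+# "action_dispatch.request.parameters" => {"credit_card_number" => "4111 1111 1111 1111", "password" => "123"},
+# "action_dispatch.parameter_filter" => Rails.app.config.filter_parameters
 # }
 #
 # >> ActionDispatch::Request.new(env).filtered_parameters
-# => {"credit_card_number" => "
+# => {"credit_card_number" => "4111 11▇▇ ▇▇▇▇ 1111", "password" => "[FILTERED]"}
 #
 # Returns a Proc that takes the key/value of the request parameter.
 def self.parameter_filter
@@ -107,10 +112,8 @@ class CreditCardSanitizer
 end
 
 def redact_numbers!(text)
-
-
-text.gsub!(/\d/) do |number|
-if within_redaction_range?(digit_index += 1)
+text.gsub!(/\d/).with_index do |number, digit_index|
+if within_redaction_range?(digit_index)
 replacement_token
 else
 number
@@ -119,7 +122,14 @@ class CreditCardSanitizer
 end
 
 def within_redaction_range?(digit_index)
-digit_index
+digit_index >= expose_first && digit_index < @numbers.size - expose_last
+end
+
+def without_expiration(text)
+expiration_date_boundary = SecureRandom.hex.tr('0123456789', 'ABCDEFGHIJ')
+text.gsub!(EXPIRATION_DATE) { |expiration_date| "#{expiration_date_boundary}#{expiration_date}#{expiration_date_boundary}" }
+yield
+text.gsub!(expiration_date_boundary, '')
 end
 
 if ''.respond_to?(:scrub)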
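Review bot: In `without_expiration` the cleanup `text.gsub!(expiration_date_boundary, '')` runs only when the yielded block returns normally, so an exception inside the block would leave the random boundary markers in the caller's string, which is mutated in place. For a sanitizer whose output feeds `filtered_parameters`, I would make the cleanup unconditional: `begin; yield; ensure; text.gsub!(expiration_date_boundary, ''); end`. Whether `valid_numbers?` or `redact_numbers!` can actually raise is not visible in these hunks, so treat this as hardening rather than a confirmed failure. A spec with a card number directly followed by an expiry (constructed example: `4111 1111 1111 1111 12/16`) would also pin that no marker survives into the returned text.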
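--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: credit_card_sanitizer
 version: !ruby/object:Gem::Version
-version: 0.3.
+version: 0.3.2
 platform: ruby
 authors:
 - Eric Chapweske
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-
+date: 2014-11-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: appraisal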