[
https://issues.apache.org/jira/browse/LANG-1400?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16528703#comment-16528703
]
ASF GitHub Bot commented on LANG-1400:
--------------------------------------
Github user stokito commented on the issue:
https://github.com/apache/commons-lang/pull/335
Thank you for your examples. Just to clarify: `maskedStart` from this PR
corresponds to `minMasked` from #332 but the discussion is about adding a
`maxUnmasked`, right?
> some messages are short and contain one time passwords
it doesn't need for a masking at all. Short term generated values, OTPs and
tokens like OAuth `access_token` (but not `refresh_token`) are safe to write to
logs. If hacker stole logs we will have nothing to do with the data.
> have a `minMasked` value of 30
Why exactly 30? What if sensitive data will be still shown in unmasked
part? For this kind of data it's better to mask whole string.
> when we print part of the address we need at least the first 15
characters to be masked
If I understood correctly, it's enough `maskedStart` of 15 and
`maxUnmasked` not needed in the case.
> a generic API the method should be flexible, in order to cover a wide
variety of usecases.
What I'm afraid is that making the API too general leads to spending a time
to read the docs, or incorrect understanding and misuse. As a developer I can
clearly know how much chars to mask because I'm expect some kind of string but
how much chars will be in real string is unknown variable for me, so
`maxUnmasked` will be always a speculation. For example java's `StringBuilder`
has a constructor with initial capacity and from my experience programmers are
never even try to use it while this is critical for performance. So adding a
new parameter `maxUnmasked` may be not so useful in real life but confusing.
> StringUtils: Add method for masking strings
> -------------------------------------------
>
> Key: LANG-1400
> URL: https://issues.apache.org/jira/browse/LANG-1400
> Project: Commons Lang
> Issue Type: Improvement
> Components: lang.*
> Reporter: Sergey Ponomarev
> Priority: Minor
>
> It would be great to have a function which allows to mask the original str by
> replacing it's
> characters with the specified character-mask. For eaxmple to mask credit card:
> {code}
> mask("3566002020360505", 4, 4, '*') = "3566********0505"
> {code}
> Thus the number was hidden by asterisks while first and last four digits are
> unmasked and seen.
> Common use case is to hide sensitive information from logs, by using it in
> toString() of classes or in inputs to log calls.
> I think this is "must have" functionality for Commons Lang library because
> from my experience in almost all bit projects what I saw was their home grown
> masking function.
> I think this is very important also because this is required for masking
> credit card numbers by PCI compliance. Also new GDPR rules requires to hide
> personal info as much as possible so masking of First and Last names now is
> required by laws.
> To make the world safer place the utility for masking should be already
> existing in platform to avoid situations when developer think "this is
> better to mask but I don't have enough time now so let's do this latter"
> until leak happens.
> IMHO this should be implemented even in `String` class itself.
> From my experience what I saw was usually few masking usages and styles:
> 1. masking of passwords and names: only first and last symbols are shown,
> mask char is `*`
> 2. masking of credit cards: only first and last 4 or 6 symbols are shown,
> mask char is `*`.
> 3. credit card number shortest masking of last symbols i.e.
> `mask("4242424242424242") == " *4242"` but it's not so often used, I just
> wanted to mention.
> 4. not masking but showing a length just so see that value was passed. This
> can be easily achieved by usual `String.legth()` method.
> There is already some pull request
> [https://github.com/apache/commons-lang/pull/332] but I decided to create the
> ticket because we also need to support masking for ToStringBuilder and I
> would like to propose [PR with my own implementation of mask()
> function|https://github.com/apache/commons-lang/pull/335].
> If you accept my PR then I'll send another one with a new annotation
> @ToStringMasked in accordance to
> [@ToStringExclude|https://commons.apache.org/proper/commons-lang/apidocs/org/apache/commons/lang3/builder/ToStringExclude.html]
> which will mark that fields should be masked. Possible usage I see like:
> {code}
> @ToStringMasked(unmaskedStart = 4, unmaskedEnd = 4)
> String creditCardNumber;
> @ToStringMasked(unmaskedStart = 1, unmaskedEnd = 1)
> String password;
> {code}
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
