ggwhite / go-masker Goto Github PK
View Code? Open in Web Editor NEWSimple utility of creating a mask for sensitive information
Home Page: https://godoc.org/github.com/ggwhite/go-masker
License: MIT License
Simple utility of creating a mask for sensitive information
Home Page: https://godoc.org/github.com/ggwhite/go-masker
License: MIT License
Hello,
I'm working with your library and I found a potential bug with the email masking, it looks like it's just masking 4 characters and it's not checking the email length, here is an example:
func TestEmailMasker(t *testing.T) {
emailMasker := masker.New()
assert.Equal(t, "pot****@vegetables.com", emailMasker.Email("[email protected]")) // -> good
assert.Equal(t, "pot***********@vegetables.com", emailMasker.Email("[email protected]"))
// -> return assertion failed: assertion failed: pot***********@vegetables.com (string) != pot****[email protected] (string)
}
On the first assert, there is only 1 character after the first 3 letters and it's adding 4 *
but it's not an issue IMO.
But on the second case, the mask is adding 4 *
and not hiding the next characters, I think it's not the behavior wanted, we can easily find the real email behind a mask like this one.
Thanks!
Hello,
I am trying to mask email addresses. Masker does work fine when the email address is in the right format, but if I provide some string which does not match email pattern it breaks with a panic. This is the code https://play.golang.org/p/jk-sVuBSE6k
maskedEmail := masker.Email("abcd")
I get the error as following:
panic: runtime error: index out of range [1] with length 1
goroutine 1 [running]:
github.com/ggwhite/go-masker.(*Masker).Email(0x405759, {0x495798, 0x4})
/tmp/gopath417995300/pkg/mod/github.com/ggwhite/go-masker@v1.0.4/masker.go:339 +0xfa
github.com/ggwhite/go-masker.Email(...)
/tmp/gopath417995300/pkg/mod/github.com/ggwhite/go-masker@v1.0.4/masker.go:507
main.main()
/tmp/sandbox1195686087/prog.go:9 +0x2c
My understanding is, this package is not meant to be doing any king of validations nor it should assume any particular format for the email or anything else for that matter.
Shouldn't the masker be more forgiving and not panic? Maybe as a fallback, instead of failing it can return a nil or just mask everything as a password and return.
I am trying to mask the structs generated by protobuf, but encounter this error: panic: reflect: reflect.Value.Set using value obtained using unexported field
because all the structs generated by protobuf has some private fields, such as
state protoimpl.MessageState sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields
and when when we use reflection, it is complaining.
I am wondering if there is any work-around for this.
Hello,
I want to mask all the characters in a field in my struct that is not a password. https://play.golang.org/p/xAdDleuk1KN
type personalDetails struct {
SSN string `mask:"password"`
}
While this works fine, but masking it as a type password does not make sense to the reader. It sounds more like SSN is a password when I read the code.
I was wondering if we can solve this by any of the two approaches:
If we can have some Generic types that can be used, such as mask:"all"
and even more types such as mask:"first-3"
or mask:"last-5"
Or if we can add more specific types such as mask:"ssn"
or mask:"dob"
Having more specialised types just makes is rigid to use, so if we can add some generic types like mentioned in approach 1 above?
Hi,
Following my last issue #26, I think it's a good idea to add a parameter in your function Email()
to mask the domain if the boolean is set as true. Right now, it's just adding 4 *
on the email but it's very easy to reverse, here is an example:
[email protected] -> tho***@hallard.info
It's very easy with some researchs to find my first name.
With the domain masking, it should looks like this and it's way difficult to reverse my email right now:
[email protected] -> tho***@ha*****.info or tho***@*******.info
I suggest to change the signature of the function to:
func Email(i string, maskDomain boolean) string {
// ...
}
I'm running "go get -u github.com/ggwhite/go-masker" and getting the following error:
../../../../go/pkg/mod/github.com/ggwhite/[email protected]/masker.go:322:64: undefined: math.MaxInt
Could you please upgrade the codebase for go 1.16 and above?
say for instance I have
package main
import (
masker "github.com/ggwhite/go-masker"
)
func main() {
masker.String(masker.MName, "ggwhite")
masker.String(masker.MID, "A123456789")
masker.String(masker.MMobile, "0987987987")
}
how would I be able to unmask the strings for use in sql query statement?
Hint with this code , seems embedded struct doesn't logged and not printed out as a masking value
package main
import (
"github.com/ggwhite/go-masker"
"github.com/sirupsen/logrus"
)
type User struct {
ID string `mask:"id"`
Data string `mask:"data"`
}
type Custom struct {
ID string `mask:"id"`
CustomerID string `mask:"customer_id"`
PhoneNumber string `mask:"phone_number"`
Email string `mask:"email"`
User User `mask:"user"`
}
func main() {
u := User{
ID: "A93489",
Data: "Hello World Sensitive Data",
}
c := &Custom{
ID: "1234",
CustomerID: "947549937289",
PhoneNumber: "8764556537",
Email: "[email protected]",
User: u,
}
t, _ := masker.Struct(c)
logrus.Infof("%v", t)
}
// output : INFO[0000] &{1234**** 947549937289 8764556537 ica****@gmail.com { }}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.