Beispiel #1
0
        public void ClearData_Clear_SecureDataInJson_ReturnEscapeSecureData()
        {
            //Arrange
            string secureString =
                @"{
    user: 
'******',
    pass:
'******'
}";
            string             secureXMLAttr = "user";
            SecureStringFormat secureFormat  = SecureStringFormat.json;

            //Act
            string escapedString = Clear(secureString, secureXMLAttr, secureFormat);

            //Assert
            Assert.AreEqual(
                @"{
    user: 
'******',
    pass:
'******'
}", escapedString);
        }
Beispiel #2
0
        public void ClearData_Clear_SecureDataInJsonValue_ReturnEscapeSecureData()
        {
            //Arrange
            string secureString =
                @"{
    user: {
        key: '32',
        value: 'max'
    },
    password: {
        value: '123456'
    }
}";
            string             secureXMLAttr = "user";
            SecureStringFormat secureFormat  = SecureStringFormat.jsonvalue;

            //Act
            string escapedString = Clear(secureString, secureXMLAttr, secureFormat);

            //Assert
            Assert.AreEqual(
                @"{
    user: {
        key: '32',
        value: 'XXX'
    },
    password: {
        value: '123456'
    }
}", escapedString);
        }
Beispiel #3
0
        /// <summary>
        /// 1) string
        /// 2) key
        /// 3) format (urlget|urlrest|xmlelementvalue|xmlattribute|json|jsonvalue)
        /// </summary>
        public static string Clear(string secureString, string secureKeys, SecureStringFormat secureStringFormat)
        {
            char delimiter = ',';

            string[] SecureStringsArray = secureKeys.Split(delimiter);
            foreach (string secureKey in SecureStringsArray)
            {
                string regex = "";
                switch (secureStringFormat)
                {
                case SecureStringFormat.urlget:     //http://test.com?user=XXX&pass=XXXXXX
                    regex = @"((?<=(\?|\&)\s*" + secureKey + @"\s*=\s*)([^\&|\n]*))";
                    break;

                case SecureStringFormat.urlrest:     //http://test.com/users/XXX/info
                    regex = @"((?<=/" + secureKey + @"\s*\/)([^\/|\n]*))";
                    break;

                case SecureStringFormat.xmlelementvalue:     //<auth><user>XXX</user><pass>XXXXXX</pass></auth>
                    regex = @"((?<=<\s*" + secureKey + @"\s*>)([^\<]*))";
                    break;

                case SecureStringFormat.xmlattribute:     //<auth user='******' pass='******'>
                    regex = @"((?<=<.*\s+" + secureKey + @"\s*=\s*')([^']*))";
                    break;

                case SecureStringFormat.json:     //{ user: '******', pass:'******' }
                    regex = @"(?<={[^}]+?" + secureKey + @"\s*:\s*')([^']*)";
                    break;

                case SecureStringFormat.jsonvalue:     //{user: {value:'XXX'}, pass:{value:'XXXXXX'}}
                    regex = @"(?<={[\s\S]*?" + secureKey + @"\s*?:\s*?{[^}]*value\s*:\s*')([^']*)";
                    break;

                default:
                    regex = @"((?<=(\?|\&)\s*" + secureKey + @"\s*=\s*)([^\&|\n]*))|" +
                            @"((?<=<\s*" + secureKey + @"\s*>)([^\<]*))|" +
                            @"((?<=/" + secureKey + @"\s*\/)([^\/|\n]*))|" +
                            @"((?<=<.*\s+" + secureKey + @"\s*=\s*')([^']*))|" +
                            @"(?<={[\s\S]+?" + secureKey + @"\s*:\s*')([^']*)|" +
                            @"(?<={[\s\S]*?" + secureKey + @"\s*?:\s*?{[^}]*value\s*:\s*')([^']*)";
                    break;
                }
                foreach (Match matches in Regex.Matches(secureString, regex))
                {
                    //Console.WriteLine("'{0}' найдено на позиции {1}.", matches.Value, matches.Index);
                    string asterisks = "";
                    for (int i = 0; i < matches.Value.Length; i++)
                    {
                        asterisks += "X";
                    }
                    secureString = secureString.Remove(matches.Index, matches.Length).Insert(matches.Index, asterisks);
                }
            }
            return(secureString);
        }
Beispiel #4
0
        public void ClearData_Clear_SecureDataInGetParams_ReturnEscapeSecureData()
        {
            //Arrange
            string             secureString   = "http://test.com?user=max&pass=123456";
            string             secureGetParam = "user,pass";
            SecureStringFormat secureFormat   = SecureStringFormat.urlget;

            //Act
            string escapedString = Clear(secureString, secureGetParam, secureFormat);

            //Assert
            Assert.AreEqual("http://test.com?user=XXX&pass=XXXXXX", escapedString);
        }
Beispiel #5
0
        public void ClearData_Clear_SecureDataInXmlAttribute_ReturnEscapeSecureData()
        {
            //Arrange
            string             secureString  = "<auth user='******' pass='******'>";
            string             secureXMLAttr = "pass";
            SecureStringFormat secureFormat  = SecureStringFormat.xmlattribute;

            //Act
            string escapedString = Clear(secureString, secureXMLAttr, secureFormat);

            //Assert
            Assert.AreEqual("<auth user='******' pass='******'>", escapedString);
        }
Beispiel #6
0
        public void ClearData_Clear_SecureDataInXmlElementText_ReturnEscapeSecureData()
        {
            //Arrange
            string             secureString   = "<auth><user>max</user><pass>123456</pass></auth>";
            string             secureXMLValue = "pass";
            SecureStringFormat secureFormat   = SecureStringFormat.xmlelementvalue;

            //Act
            string escapedString = Clear(secureString, secureXMLValue, secureFormat);

            //Assert
            Assert.AreEqual("<auth><user>max</user><pass>XXXXXX</pass></auth>", escapedString);
        }
Beispiel #7
0
        public void ClearData_Clear_SecureDataInUrlRestText_ReturnEscapeSecureData()
        {
            //Arrange
            string             secureString   = "http://test.com/user/max/info";
            string             secureXMLValue = "user";
            SecureStringFormat secureFormat   = SecureStringFormat.urlrest;

            //Act
            string escapedString = Clear(secureString, secureXMLValue, secureFormat);

            //Assert
            Assert.AreEqual("http://test.com/user/XXX/info", escapedString);
        }