Question
I am building a wrapper to process payments. We want to log requests, but don't want to store sensitive credit card data. A query string will be passed similar to what is below
amount=100.00&expMonth=01&expYear=14&cardnumber=4111111111111111
I want to mask the first 12 digits of the credit card number with X values. However, the cardnumber key will not always be in the same spot.
My first leaning is to create a NameValueCollection and check for the key and do a string.format("XXXX-XXXX-XXXX-{0}", substring of the value
https://stackoverflow.com/questions/20808244
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianvar qs = HttpUtility.ParseQueryString(request);
foreach (string key in qs)
{
if (key == "creditcard")
{
}
}
Can someone point me in the right direction?
I need to save the string in the same format with just the credit card number masked.
Solution 2
This works great, there may be a more elegant solution though.
var maskedRequest = "";
var qs = HttpUtility.ParseQueryString(request);
foreach (string item in qs.AllKeys)
{
if (item != "cardnumber")
{
maskedRequest = maskedRequest + item + "=" + qs.Get(item) + "&";
}
else
{
maskedRequest = maskedRequest + item + "=" + string.Format("XXXX-XXXX-XXXX-{0}", qs.Get(item).Substring(12, 4)) + "&";
}
}
maskedRequest = maskedRequest.Remove(maskedRequest.Length - 1)
OTHER TIPS
Seems like a sensible approach, but maybe using Get method on the NameValueCollection would be easier. Like so:
String maskedCardNumber = null;
var qs = HttpUtility.ParseQueryString(request);
var cardNumber = qs.Get("cardnumber");
if (cardNumber != null)
{
var substring = cardNumber.Substring(cardNumber.Length - Math.Min(4, cardNumber.Length));
maskedCardNumber = String.Format("XXXX-XXXX-XXXX-{0}", substring);
}
