|
|
@@ -4,7 +4,10 @@ import (
|
|
|
"encoding/base64"
|
|
|
"encoding/json"
|
|
|
"math/rand"
|
|
|
+ "net/url"
|
|
|
+ "regexp"
|
|
|
"strconv"
|
|
|
+ "strings"
|
|
|
"unsafe"
|
|
|
)
|
|
|
|
|
|
@@ -95,3 +98,95 @@ func GetJsonString(data any) string {
|
|
|
b, _ := json.Marshal(data)
|
|
|
return string(b)
|
|
|
}
|
|
|
+
|
|
|
+// MaskSensitiveInfo masks sensitive information like URLs, IPs in a string
|
|
|
+// Example:
|
|
|
+// http://example.com -> http://***.com
|
|
|
+// https://api.test.org/v1/users/123?key=secret -> https://***.org/***/***/?key=***
|
|
|
+// https://sub.domain.co.uk/path/to/resource -> https://***.co.uk/***/***
|
|
|
+// 192.168.1.1 -> ***.***.***.***
|
|
|
+func MaskSensitiveInfo(str string) string {
|
|
|
+ // Mask URLs
|
|
|
+ urlPattern := regexp.MustCompile(`(http|https)://[^\s/$.?#].[^\s]*`)
|
|
|
+ str = urlPattern.ReplaceAllStringFunc(str, func(urlStr string) string {
|
|
|
+ u, err := url.Parse(urlStr)
|
|
|
+ if err != nil {
|
|
|
+ return urlStr
|
|
|
+ }
|
|
|
+
|
|
|
+ host := u.Host
|
|
|
+ if host == "" {
|
|
|
+ return urlStr
|
|
|
+ }
|
|
|
+
|
|
|
+ // Split host by dots
|
|
|
+ parts := strings.Split(host, ".")
|
|
|
+ if len(parts) < 2 {
|
|
|
+ // If less than 2 parts, just mask the whole host
|
|
|
+ return u.Scheme + "://***" + u.Path
|
|
|
+ }
|
|
|
+
|
|
|
+ // Keep the TLD (Top Level Domain) and mask the rest
|
|
|
+ var maskedHost string
|
|
|
+ if len(parts) == 2 {
|
|
|
+ // example.com -> ***.com
|
|
|
+ maskedHost = "***." + parts[len(parts)-1]
|
|
|
+ } else {
|
|
|
+ // Handle cases like sub.domain.co.uk or api.example.com
|
|
|
+ // Keep last 2 parts if they look like country code TLD (co.uk, com.cn, etc.)
|
|
|
+ lastPart := parts[len(parts)-1]
|
|
|
+ secondLastPart := parts[len(parts)-2]
|
|
|
+
|
|
|
+ if len(lastPart) == 2 && len(secondLastPart) <= 3 {
|
|
|
+ // Likely country code TLD like co.uk, com.cn
|
|
|
+ maskedHost = "***." + secondLastPart + "." + lastPart
|
|
|
+ } else {
|
|
|
+ // Regular TLD like .com, .org
|
|
|
+ maskedHost = "***." + lastPart
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ result := u.Scheme + "://" + maskedHost
|
|
|
+
|
|
|
+ // Mask path
|
|
|
+ if u.Path != "" && u.Path != "/" {
|
|
|
+ pathParts := strings.Split(strings.Trim(u.Path, "/"), "/")
|
|
|
+ maskedPathParts := make([]string, len(pathParts))
|
|
|
+ for i := range pathParts {
|
|
|
+ if pathParts[i] != "" {
|
|
|
+ maskedPathParts[i] = "***"
|
|
|
+ }
|
|
|
+ }
|
|
|
+ if len(maskedPathParts) > 0 {
|
|
|
+ result += "/" + strings.Join(maskedPathParts, "/")
|
|
|
+ }
|
|
|
+ } else if u.Path == "/" {
|
|
|
+ result += "/"
|
|
|
+ }
|
|
|
+
|
|
|
+ // Mask query parameters
|
|
|
+ if u.RawQuery != "" {
|
|
|
+ values, err := url.ParseQuery(u.RawQuery)
|
|
|
+ if err != nil {
|
|
|
+ // If can't parse query, just mask the whole query string
|
|
|
+ result += "?***"
|
|
|
+ } else {
|
|
|
+ maskedParams := make([]string, 0, len(values))
|
|
|
+ for key := range values {
|
|
|
+ maskedParams = append(maskedParams, key+"=***")
|
|
|
+ }
|
|
|
+ if len(maskedParams) > 0 {
|
|
|
+ result += "?" + strings.Join(maskedParams, "&")
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ return result
|
|
|
+ })
|
|
|
+
|
|
|
+ // Mask IP addresses
|
|
|
+ ipPattern := regexp.MustCompile(`\b(?:\d{1,3}\.){3}\d{1,3}\b`)
|
|
|
+ str = ipPattern.ReplaceAllString(str, "***.***.***.***")
|
|
|
+
|
|
|
+ return str
|
|
|
+}
|
CaIon