forked from microsoft/component-detection
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathStringUtilities.cs
More file actions
34 lines (30 loc) · 1.25 KB
/
Copy pathStringUtilities.cs
File metadata and controls
34 lines (30 loc) · 1.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#nullable disable
namespace Microsoft.ComponentDetection.Common;
using System;
using System.Text.RegularExpressions;
public static class StringUtilities
{
private static readonly Regex SensitiveInfoRegex = new Regex(@"(?<=https://)(.+)(?=@)", RegexOptions.Compiled | RegexOptions.IgnoreCase, TimeSpan.FromSeconds(5));
public const string SensitivePlaceholder = "******";
/// <summary>
/// Utility method to remove sensitive information from a string, currently focused on removing on the credentials placed within URL which can be part of CLI commands.
/// </summary>
/// <param name="inputString">String with possible credentials.</param>
/// <returns>New string identical to original string, except credentials in URL are replaced with placeholders.</returns>
public static string RemoveSensitiveInformation(this string inputString)
{
if (string.IsNullOrWhiteSpace(inputString))
{
return inputString;
}
try
{
return SensitiveInfoRegex.Replace(inputString, SensitivePlaceholder);
}
catch (Exception)
{
// No matter the exception, we should not break flow due to regex failure/timeout.
return inputString;
}
}
}