From b3e171debe425d12b55464d1a2005fcbc098dea5 Mon Sep 17 00:00:00 2001
From: Nate Berkopec
Date: Tue, 25 Nov 2014 20:58:14 -0500
Subject: [PATCH] Better credit card scrubbing
---
 lib/raven/processor/sanitizedata.rb | 6 +++---
 spec/raven/processors/sanitizedata_processor_spec.rb | 3 +++
 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/lib/raven/processor/sanitizedata.rb b/lib/raven/processor/sanitizedata.rb
index 3ccd30067..6876e3a7a 100644
--- a/lib/raven/processor/sanitizedata.rb
+++ b/lib/raven/processor/sanitizedata.rb
@@ -3,7 +3,7 @@ class Processor::SanitizeData < Processor
 STRING_MASK = '********'
 INT_MASK = 0
 DEFAULT_FIELDS = %w(authorization password passwd secret ssn social(.*)?sec)
- VALUES_RE = /^\d{16}$/
+ CREDIT_CARD_RE = /^(?:\d[ -]*?){13,16}$/
 def process(value)
 value.inject(value) { |memo,(k,v)| memo[k] = sanitize(k,v); memo }
@@ -17,9 +17,9 @@ def sanitize(k,v)
 elsif v.is_a?(String) && (json = parse_json_or_nil(v))
 #if this string is actually a json obj, convert and sanitize
 json.is_a?(Hash) ? process(json).to_json : v
- elsif v.is_a?(Integer) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
+ elsif v.is_a?(Integer) && (CREDIT_CARD_RE.match(v.to_s) || fields_re.match(k.to_s))
 INT_MASK
- elsif v.is_a?(String) && (VALUES_RE.match(v.to_s) || fields_re.match(k.to_s))
+ elsif v.is_a?(String) && (CREDIT_CARD_RE.match(v.to_s) || fields_re.match(k.to_s))
 STRING_MASK
 else
 v
diff --git a/spec/raven/processors/sanitizedata_processor_spec.rb b/spec/raven/processors/sanitizedata_processor_spec.rb
index 76a12b292..607b2a4dc 100644
--- a/spec/raven/processors/sanitizedata_processor_spec.rb
+++ b/spec/raven/processors/sanitizedata_processor_spec.rb
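Review bot: The widened `CREDIT_CARD_RE` in lib/raven/processor/sanitizedata.rb now matches any value made of 13 to 16 digits, so the Integer branch of `sanitize` will replace things like 13-digit epoch-millisecond timestamps or large numeric ids with `INT_MASK` even under non-sensitive keys. The pattern is also a whole-value match with Ruby's per-line `^`/`$` anchors, which means a card number embedded in a longer single-line message still passes through unmasked, and PANs longer than 16 digits fall outside the range. A Luhn checksum gate before masking would cut the false positives on timestamps and ids. At minimum the constant deserves a comment stating these limits, for example `# Whole-value match: 13-16 digits, optional space/dash separators; no Luhn check, so long numeric ids match too.` The class body and `sanitize` both continue outside the hunks shown.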
@@ -86,11 +86,14 @@
 it 'should filter credit card values' do
 data = {
 'ccnumba' => '4242424242424242',
+ 'ccnumba_13' => '4242424242424',
+ 'ccnumba-dash' => '4242-4242-4242-4242',
 'ccnumba_int' => 4242424242424242,
 }
 result = @processor.process(data)
 expect(result["ccnumba"]).to eq(Raven::Processor::SanitizeData::STRING_MASK)
+ expect(result["ccnumba_13"]).to eq(Raven::Processor::SanitizeData::STRING_MASK)
 expect(result["ccnumba_int"]).to eq(Raven::Processor::SanitizeData::INT_MASK)
 end
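Review bot: The new `'ccnumba-dash'` entry is added to `data` but no expectation ever reads it back, so the separator handling that this commit introduces is not exercised by the spec. Add `expect(result["ccnumba-dash"]).to eq(Raven::Processor::SanitizeData::STRING_MASK)` alongside the other assertions. A negative case would also pin the bounds of the pattern, for example a 12-digit string under a non-sensitive key that must come back unchanged.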