[EasyUtils] Add Luhn validation to CreditCardNumberValidator #1344
Conversation
- add luhn validation
|
Code Review in Space: https://eonx.jetbrains.space/p/support/reviews/326/timeline |
- fix ecs issue
- check luhn for all schemes
There was a problem hiding this comment.
🎉👏💯
Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):
- Protect from Injection attacks
- Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
- Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
- Protect against XSS and CSRF
- Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
- Ensure all important errors and business logic cases are handled
- Ensure forwards and redirects are handled
- Ensure no sensitive data is exposed and appropriate logging in place as required
See procedure for more details: PROC-010 Secure Coding Practices
There was a problem hiding this comment.
Code review complete. Excellent job!
Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):
- Protect from Injection attacks
- Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
- Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
- Protect against XSS and CSRF
- Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
- Ensure all important errors and business logic cases are handled
- Ensure forwards and redirects are handled
- Ensure no sensitive data is exposed and appropriate logging in place as required
See procedure for more details: PROC-010 Secure Coding Practices
There was a problem hiding this comment.
Thanks @voodooism. Nice work! Code review complete.
Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):
- Protect from Injection attacks
- Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
- Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
- Protect against XSS and CSRF
- Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
- Ensure all important errors and business logic cases are handled
- Ensure forwards and redirects are handled
- Ensure no sensitive data is exposed and appropriate logging in place as required
See procedure for more details: PROC-010 Secure Coding Practices
- fix rector issue
voodooism
dismissed stale reviews from alexndlm, akl-95, and roman-eonx
via
bf69f0e
There was a problem hiding this comment.
Code review approved. 👏 Keep up the good work!
Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):
- Protect from Injection attacks
- Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
- Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
- Protect against XSS and CSRF
- Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
- Ensure all important errors and business logic cases are handled
- Ensure forwards and redirects are handled
- Ensure no sensitive data is exposed and appropriate logging in place as required
See procedure for more details: PROC-010 Secure Coding Practices
There was a problem hiding this comment.
Thanks @voodooism. 🙌🎖️💪🏼
Secure code in this PR has been written to best practice standards and covers the following as a minimum. Please ticket if coded this way (also tick if not relevant to this code change):
- Protect from Injection attacks
- Protect data with proper input validation, and protect against buffer overflows, pointers/shared data
- Protect with appropriate encryption and cryptography (E.g. Appropriate hashing, symmetric encryption used, ciphers) if applicable
- Protect against XSS and CSRF
- Ensure that pages, data access etc, are written with appropriate access control authorisation and authentication requirements
- Ensure all important errors and business logic cases are handled
- Ensure forwards and redirects are handled
- Ensure no sensitive data is exposed and appropriate logging in place as required
See procedure for more details: PROC-010 Secure Coding Practices
roman-eonx
changed the title
Sometimes in the \EonX\EasyUtils\SensitiveData\StringSanitizers\CreditCardNumberStringSanitizer::sanitizeString method, the pan validator can decide that some sequence of digits is a valid pan. To avoid this let's check it by the Luhn algorithm