Lightboard Lessons: Secure Data Tokenization
Companies that are subject to security audits, such as PCI DSS, could benefit from a solution that takes sensitive information and moves it from their web servers to the enterprise edge or ingress po...
Published Aug 03, 2016
Version 1.0
@Mats Nystrom, I reached out to the guys who contributed to the code and here's some feedback from them:
We are not supposed to have a send or receive, the request is being parsed and we are simply releasing the TCP connection:
TCP::payload replace 0 [TCP::payload length] $newdata3
TCP::release
Then parsing it back in the response from voltage:
when HTTP_RESPONSE { Collect HTTP response data
by the way, there is a small typo there in the example as you are saying you are ending CLIENT_DATA and you are only ending the IF statement … that might throw people off:
when CLIENT_DATA {
if {[TCP::payload] contains "GET /tokenize?"} {
Optional logging for debugging log local0. "Tokenization GET request"
} else { log local0. "Some other request - let it through" TCP::release return
} end when CLIENT_DATA
get the query string: this what we want to encrypt set plaintext [findstr [TCP::payload] "data=" 5 "&"]
Let me know if you have any other questions. Thanks!