@@ -211,14 +211,18 @@ Configuration
211211* `validation `_
212212
213213 * :ref: `cache <reference-validation-cache >`
214- * :ref: `disable_not_compromised_password <reference-validation-disable_not_compromised_password >`
215214 * `email_validation_mode `_
216215 * :ref: `enable_annotations <reference-validation-enable_annotations >`
217216 * :ref: `enabled <reference-validation-enabled >`
218217 * :ref: `mapping <reference-validation-mapping >`
219218
220219 * :ref: `paths <reference-validation-mapping-paths >`
221220
221+ * :ref: `not_compromised_password <reference-validation-not-compromised-password >`
222+
223+ * :ref: `enabled <reference-validation-not-compromised-password-enabled >`
224+ * `endpoint `_
225+
222226 * `static_method `_
223227 * `strict_email `_
224228 * `translation_domain `_
@@ -2084,42 +2088,62 @@ has to implement the :class:`Symfony\\Component\\Validator\\Mapping\\Cache\\Cach
20842088Set this option to ``validator.mapping.cache.doctrine.apc `` to use the APC
20852089cache provide from the Doctrine project.
20862090
2087- .. _reference-validation-disable_not_compromised_password :
2091+ .. _reference-validation-enable_annotations :
20882092
2089- disable_not_compromised_password
2090- ................................
2093+ enable_annotations
2094+ ..................
20912095
20922096**type **: ``boolean `` **default **: ``false ``
20932097
2094- .. versionadded :: 4.3
2098+ If this option is enabled, validation constraints can be defined using annotations.
20952099
2096- The ``disable_not_compromised_password `` option was introduced in Symfony 4.3.
2100+ translation_domain
2101+ ..................
2102+
2103+ **type **: ``string `` **default **: ``validators ``
2104+
2105+ The translation domain that is used when translating validation constraint
2106+ error messages.
2107+
2108+ .. _reference-validation-not-compromised-password :
2109+
2110+ not_compromised_password
2111+ ~~~~~~~~~~~~~~~~~~~~~~~~
20972112
20982113The :doc: `NotCompromisedPassword </reference/constraints/NotCompromisedPassword >`
20992114constraint makes HTTP requests to a public API to check if the given password
21002115has been compromised in a data breach.
21012116
2117+ .. _reference-validation-not-compromised-password-enabled :
2118+
2119+ enabled
2120+ .......
2121+
2122+ **type **: ``boolean `` **default **: ``false ``
2123+
2124+ .. versionadded :: 4.3
2125+
2126+ The ``enabled `` option was introduced in Symfony 4.3.
2127+
21022128If you set this option to ``true ``, no HTTP requests will be made and the given
21032129password will be considered valid. This is useful when you don't want or can't
21042130make HTTP requests, such as in ``dev `` and ``test `` environments or in
21052131continuous integration servers.
21062132
2107- .. _reference-validation-enable_annotations :
2108-
21
8000
09- enable_annotations
2110- ..................
2111-
2112- **type **: ``boolean `` **default **: ``false ``
2133+ endpoint
2134+ ........
21132135
2114- If this option is enabled, validation constraints can be defined using annotations.
2136+ ** type **: `` string `` ** default **: `` null ``
21152137
2116- translation_domain
2117- ..................
2138+ .. versionadded :: 4.3
21182139
2119- ** type **: `` string `` ** default **: `` validators ``
2140+ The `` endpoint `` option was introduced in Symfony 4.3.
21202141
2121- The translation domain that is used when translating validation constraint
2122- error messages.
2142+ By default, the :doc: `NotCompromisedPassword </reference/constraints/NotCompromisedPassword >`
2143+ constraint uses the public API provided by `haveibeenpwned.com `_. This option
2144+ allows to define a different, but compatible, API endpoint to make the password
2145+ checks. It's useful for example when the Symfony application is run in an
2146+ intranet without public access to Internet.
21232147
21242148static_method
21252149.............
@@ -2717,3 +2741,4 @@ to know their differences.
27172741.. _`RFC 3986` : https://www.ietf.org/rfc/rfc3986.txt
27182742.. _`default_socket_timeout` : https://php.net/manual/en/filesystem.configuration.php#ini.default-socket-timeout
27192743.. _`PEM formatted` : https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail
2744+ .. _`haveibeenpwned.com` : https://haveibeenpwned.com/
0 commit comments