Skip to content

[Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password #30898

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 6, 2019
Merged

[Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password #30898

merged 1 commit into from
Apr 6, 2019

Conversation

tgalopin
Copy link
Contributor

@tgalopin tgalopin commented Apr 6, 2019
edited
Loading

Q A
Branch? master
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #30870
License MIT
Doc PR -

Live from #eu-fossa

Fix #30870

OskarStark
OskarStark reviewed Apr 6, 2019
View reviewed changes
Copy link
Contributor

@OskarStark OskarStark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A test case would be nice

@tgalopin tgalopin force-pushed the pwned-convert-encoding branch from a1be3d5 to 76fa504 Compare April 6, 2019 14:07
ostrolucky
ostrolucky suggested changes Apr 6, 2019
View reviewed changes
Copy link
Contributor

@ostrolucky ostrolucky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it makes too much sense to make this configurable. People who don't use UTF-8 should change internal_encoding php.ini setting

derrabus
derrabus requested changes Apr 6, 2019
View reviewed changes
Copy link
Member

@derrabus derrabus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a test case.

@stof
Copy link
Member

stof commented Apr 6, 2019

FrameworkBundle should define a service for that constraint validator, passing %kernel.charset% for this argument. Otherwise, customizing this charset will be a pain in a fullstack project.

@tgalopin
Copy link
Contributor Author

tgalopin commented Apr 6, 2019

@stof that's the aim, but it can be the subject of another PR IMO.

@tgalopin tgalopin force-pushed the pwned-convert-encoding branch from 76fa504 to 239810d Compare April 6, 2019 14:48
@tgalopin
Copy link
Contributor Author

tgalopin commented Apr 6, 2019

Updated

OskarStark
OskarStark approved these changes Apr 6, 2019
View reviewed changes
Copy link
Contributor

@OskarStark OskarStark left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice one 🎉

@tgalopin tgalopin changed the title [Validator] Convert encoding to UTF-8 when needed in NotPwnedValidator [Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password Apr 6, 2019
@tgalopin tgalopin changed the title [Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password [WIP][Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password Apr 6, 2019
@tgalopin tgalopin force-pushed the pwned-convert-encoding branch from 239810d to bc0ba26 Compare April 6, 2019 16:33
@tgalopin tgalopin requested a review from dunglas as a code owner April 6, 2019 16:33
@tgalopin
Copy link
Contributor Author

tgalopin commented Apr 6, 2019

Based on #30889, otherwise ready to review.

@fabpot
Copy link
Member

fabpot commented Apr 6, 2019

@tgalopin Can you rebase?

@tgalopin tgalopin force-pushed the pwned-convert-encoding branch from bc0ba26 to 4f74a33 Compare April 6, 2019 16:43
@tgalopin tgalopin changed the title [WIP][Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password [Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password Apr 6, 2019
@tgalopin
Copy link
Contributor Author

tgalopin commented Apr 6, 2019

Updated

@tgalopin tgalopin force-pushed the pwned-convert-encoding branch from 4f74a33 to c5cd75d Compare April 6, 2019 17:09
@tgalopin
Copy link
Contributor Author

tgalopin commented Apr 6, 2019

Updated

@nicolas-grekas nicolas-grekas added this to the next milestone Apr 6, 2019
@fabpot fabpot force-pushed the pwned-convert-encoding branch from c5cd75d to 8ac712b Compare April 6, 2019 17:56
@fabpot
Copy link
Member

fabpot commented Apr 6, 2019

Thank you @tgalopin.

@fabpot fabpot merged commit 8ac712b into symfony:master Apr 6, 2019
fabpot added a commit that referenced this pull request Apr 6, 2019
@fabpot
feature #30898 [Validator] Wire NotCompromisedPassword in FrameworkBu…
b045aca 
…ndle and handle non UTF-8 password (tgalopin)

This PR was squashed before being merged into the 4.3-dev branch (closes #30898).

Discussion
----------

[Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #30870
| License       | MIT
| Doc PR        | -

Live from #eu-fossa

Fix #30870

Commits
-------

8ac712b [Validator] Wire NotCompromisedPassword in FrameworkBundle and handle non UTF-8 password
@tgalopin tgalopin deleted the pwned-convert-encoding branch April 6, 2019 18:54
@nicolas-grekas nicolas-grekas modified the milestones: next, 4.3 Apr 30, 2019
@fabpot fabpot mentioned this pull request May 9, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pborreli pborreli pborreli left review comments

@OskarStark OskarStark OskarStark approved these changes

@ostrolucky ostrolucky ostrolucky requested changes

@derrabus derrabus derrabus requested changes

@fabpot fabpot fabpot approved these changes

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@dbrumann dbrumann dbrumann approved these changes

@maxhelias maxhelias maxhelias approved these changes

@dunglas dunglas Awaiting requested review from dunglas

Assignees
No one assigned
Labels
Bug Status: Reviewed Validator
Projects
None yet
Milestone
4.3
Development

Successfully merging this pull request may close these issues.

NotPwnedValidator should convert passwords to UTF-8