Masked(string $range, Validator $validator)Masked(string $range, Validator $validator, string $replacement)
Decorates a validator to mask input values in error messages while still validating the original unmasked input.
v::masked('1-@', v::email())->assert('foo@example.com');
// Validation passes successfully
v::masked('1-@', v::email())->assert('invalid username@domain.com');
// → "****************@domain.com" must be a valid email address
v::masked('1-', v::lengthGreaterThan(10))->assert('password');
// → The length of "********" must be greater than 10
v::masked('6-12', v::creditCard(), 'X')->assert('4111111111111211');
// → "41111XXXXXXX1211" must be a valid credit card numberThis validator is useful for security-sensitive applications where error messages should not expose sensitive data like credit card numbers, passwords, or email addresses.
It uses respect/string-formatter as the underlying masking engine. See the section the documentation of MaskFormatter for more information.
- Display
- Miscellaneous
The validator first ensures the input is a valid string using StringVal. If the input passes string validation, it validates the original unmasked input using the inner validator. If validation fails, it applies masking to the input value shown in error messages.
| Version | Description |
|---|---|
| 3.0.0 | Created |