The prohibited validation rule in Laravel 8.x

Amit Merchant · March 30, 2021 ·

Sometimes, all you would need is to forcefully prevent some of the fields in the request. Essentially, to “prohibit” or ban the fields to be mandatorily empty or not present in the request at all.

The recent release of Laravel 8.x has just got that. In comes the prohibited validation rule.

The prohibited validation rule

The prohibited rule checks if the field under validation must be empty or not present or throw an error otherwise.

Quoting the PR example here, if you working on an API that involves the license_key field and if you’re expecting this field not to be in the request, you can register the prohibited validation rule like so.

// PUT /api/licenses/123-456
// {"name":"hello-world", "license_key":"random-key"}

$validated = $request->validate([
    'name' => 'required|max:255',
    'license_key' => 'prohibited',

// Response: 422
// The license_key field is prohibited

As you can tell, if the license_key field is present in the request, it will terminate the request with the 422 HTTP response code and throw the error with the message The license_key field is prohibited.

👋 Hi there! I'm Amit. I write articles about all things web development. If you like what I write and want me to continue doing the same, I would like you buy me some coffees. I'd highly appreciate that. Cheers!