Merge pull request #17593 from overleaf/bg-account-security-update-hibp-links

Update haveibeenpwnd links to use the password check form

GitOrigin-RevId: f67b1ed689c851ad3684becc38cd5eb82b0018a2

services/web/app/src/Features/Authentication/AuthenticationController.js

@@ -233,7 +233,7 @@ const AuthenticationController = {
                       'password_compromised_try_again_or_use_known_device_or_reset'
                     )
                     .replace('<0>', '')
-                    .replace('</0>', ' (https://haveibeenpwned.com)')
+                    .replace('</0>', ' (https://haveibeenpwned.com/passwords)')
                     .replace('<1>', '')
                     .replace(
                       '</1>',

services/web/app/views/user/login.pug

@@ -16,7 +16,7 @@ block content
 								span.sr-only(id='resetPasswordDescription')
 									| #{translate('reset_password_link')}
 							+customValidationMessage('password-compromised')
-								| !{translate('password_compromised_try_again_or_use_known_device_or_reset', {}, [{name: 'a', attrs: {href: 'https://haveibeenpwned.com', rel: 'noopener noreferrer', target: '_blank'}}, {name: 'a', attrs: {href: '/user/password/reset', target: '_blank'}}])}.
+								| !{translate('password_compromised_try_again_or_use_known_device_or_reset', {}, [{name: 'a', attrs: {href: 'https://haveibeenpwned.com/passwords', rel: 'noopener noreferrer', target: '_blank'}}, {name: 'a', attrs: {href: '/user/password/reset', target: '_blank'}}])}.
 							.form-group
 								input.form-control(
 									type='email',

services/web/app/views/user/setPassword.pug

@@ -60,7 +60,7 @@ block content
 								| #{translate('password_cant_be_the_same_as_current_one')}.
 
 							+customValidationMessage('password-must-be-strong')
-								| !{translate('password_was_detected_on_a_public_list_of_known_compromised_passwords', {}, [{name: 'a', attrs: {href: 'https://haveibeenpwned.com', rel: 'noopener noreferrer', target: '_blank'}}])}.
+								| !{translate('password_was_detected_on_a_public_list_of_known_compromised_passwords', {}, [{name: 'a', attrs: {href: 'https://haveibeenpwned.com/passwords', rel: 'noopener noreferrer', target: '_blank'}}])}.
 								| #{translate('use_a_different_password')}.
 
 							input(

services/web/frontend/js/features/settings/components/password-section.tsx

@@ -174,7 +174,7 @@ function PasswordForm() {
                   components={[
                     /* eslint-disable-next-line jsx-a11y/anchor-has-content, react/jsx-key */
                     <a
-                      href="https://haveibeenpwned.com"
+                      href="https://haveibeenpwned.com/passwords"
                       target="_blank"
                       rel="noreferrer noopener"
                     />,

services/web/test/acceptance/src/HaveIBeenPwnedApiTests.js

@@ -92,7 +92,7 @@ describe('HaveIBeenPwnedApi', function () {
           message: {
             type: 'error',
             key: 'password-compromised',
-            text: `The password you’ve entered is on a public list of compromised passwords (https://haveibeenpwned.com). Please try logging in from a device you’ve previously used or reset your password (${Settings.siteUrl}/user/password/reset).`,
+            text: `The password you’ve entered is on a public list of compromised passwords (https://haveibeenpwned.com/passwords). Please try logging in from a device you’ve previously used or reset your password (${Settings.siteUrl}/user/password/reset).`,
           },
         })
       }