params strip to remove whitespaces #156

mikhailov opened this Issue Jul 17, 2010 · 3 comments


None yet

3 participants


I have several users who copy-paste passwords from email and the whitespaces are appear here.
What do you think to add String#strip method at ?


I'm using String#strip! method into controller, and it isn't good
p = params[:user_session]


I found this while searching if my issue is already reported.

It is not ideal to strip characters from user input. While it is generally avoided, it is possible for passwords to contain spaces. Just because your users copy/paste from email does not mean others do the same. Stripping other parameters are not ideal, either.


Agree with @onebree, closing this out.

@tiegz tiegz closed this Sep 21, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment