Trim param whitespace by default

[paulcsmith]

All kinds of sneaky bugs make it into apps because whitespace is not trimmed. Sometimes it can break layouts, it can cause login issues, or it just looks weird to output text with an extra space

Example bug:

• User signs up with [email protected] (accidental extra space)
• User tries to log in later with [email protected]

No matter how many passwords they try it will not work, because the user accidentally added a space at the end. This also applies to password where an extra trailing space can mess people up

Prior art

Laravel does this by default: https://laravel.com/docs/7.x/requests#input-trimming-and-normalization

We already treat empty strings as nil, but trimming/stripping should also be the default

Disabling

We should have a setting on Lucky to disable whitespace trimming. It can just be global, but eventually we may want to have a params.get_raw that gets the raw untrimmed value as well. In cases where you only have one weird param that you need to have untrimmed

[wout]

I've been bitten by this too!

I think calling params.get_raw explicitly if you need the values as they are, is the best approach. It's better than to configure it globally, as it can cause confusion when moving between projects. I don't know if there are many use cases for leading and trailing whitespace to stay around. Maybe adding the global flag is something we can add later, once the complaints start pouring in. 😀️

[paulcsmith]

I think you are right @wout! I originally wanted to do global because it was simpler to implement, but I actually think get_raw is as-easy or easier to agree that's the better and more explicit approach!