Web UI does not trim leading/trailing whitespaces in a secret's key

[rebbuh]

Describe the bug
The Web UI does not trim leading/trailing whitespaces in a secret's key. Consequently, there might be issues when accessing the key. These leading/trailing whitespaces are hard to detect in the UI, especially since the input fields have a custom style and padding.

To Reproduce
Steps to reproduce the behavior:

1. Create a secret using the Web UI.
2. Add a key-value pair including leading/trailing whitespaces in the key.
3. Try to access the value via the API using the key without any leading/trailing whitespaces. It cannot be found.

Expected behavior
Trim leading/trailing whitespaces in keys. If this is not desired, consider to alert the user in the Web UI in such cases.
Also consider to alert the user if there are leading/trailing whitespaces in the corresponding value. However, trimming the value may not be beneficial (in general, modifying/normalizing passwords automatically is a bad idea).

Environment:

• Vault Version: 0.10.3

[thomaswors]

This seems to still be an issue in Vault 1.8.4+prem

In the UI, whitespace is shown:

When copying the raw values, whitespace is preserved:

# /etc/datadog-agent/conf.d/mongo.d/conf.yaml
init_config:
instances:
  - hosts:
      - 127.0.0.1:443
    username: datadog

When using Vault CLI and running read, the whitespace is lost:

# /etc/datadog-agent/conf.d/mongo.d/conf.yaml                   
                  init_config:                                                    
                  instances:                                                      
                  - hosts:                                                        
                  - 127.0.0.1:443                                                 
                  username: datadog   

When called down via Terraform, whitespace is lost:

# /etc/datadog-agent/conf.d/mongo.d/conf.yaml
init_config:
instances:
 - hosts:
 - 127.0.0.1:443
 username: datadog

[aphorise]

I can confirm that this has been fixed since it was reported (unless I am testing incorrectly).

@rebbuh @thomaswors do you folks agree that it's okay to close?

[aphorise]

Please reopen if I've misunderstood or tested incorrectly.

[swamy-m-s]

on which version it has been fixed, we are using 1.11.9 and the issue still persist

[Monkeychip]

A validation message should show if the secret name/path contains a white space. This validation was added for version 1.9. See PR here.

However, there is currently no validation on a secret's key to check for whitespace. I will go ahead and make a ticket for this and try to get this validation pushed through. Thank you everyone for the discussion!

I'll go ahead and reopen this ticket.