trim() the login email field: Android might add trailing spaces #1225

New Issue

Closed

opened 2026-02-05 00:20:11 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2026-02-05 00:20:11 +03:00

Owner

Copy Link

Originally created by @hitech95 on GitHub (Mar 3, 2022).

Subject of the issue

Android might add trailing space to email on login input

Deployment environment

• vaultwarden version: 1.24.0

• Install method: Docker Compose

• Clients used: Android Client

• Reverse proxy and version: traefik v2

• PostgreSQL version: PostgreSQL 11.15 (Debian 11.15-1.pgdg90+1) on x86_64-pc-linux-gnu

• Other relevant details:

Steps to reproduce

• Using gboard auto completion on first login and/or after disconnecting the account
• The email address input might have a trailing space.
• Perform the login and you will get an authentication error.
• The "issue" is not easily visible
• looking in vaultwarden logs you find the error:
  [2022-03-02 22:12:09.086][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: x.x.x.x. Username: xxxxxx@gmail.com .
• Note that the trailing dot is not attached to the email address as in the template:
  https://github.com/dani-garcia/vaultwarden/blob/main/src/api/identity.rs#L104
  The issue seems not to be present using the official server. (I have not tried with self hosted one)

Expected behaviour

Server perform trim on input email berfore looking for the user in the database.

Actual behaviour

Login is rejected

Troubleshooting data

Originally created by @hitech95 on GitHub (Mar 3, 2022). <!-- # ### NOTE: Please update to the latest version of vaultwarden before reporting an issue! This saves you and us a lot of time and troubleshooting. See: * https://github.com/dani-garcia/vaultwarden/issues/1180 * https://github.com/dani-garcia/vaultwarden/wiki/Updating-the-vaultwarden-image # ### --> <!-- Please fill out the following template to make solving your problem easier and faster for us. This is only a guideline. If you think that parts are unnecessary for your issue, feel free to remove them. Remember to hide/redact personal or confidential information, such as passwords, IP addresses, and DNS names as appropriate. --> ### Subject of the issue Android might add trailing space to email on login input ### Deployment environment <!-- ========================================================================================= Preferably, use the `Generate Support String` button on the admin page's Diagnostics tab. That will auto-generate most of the info requested in this section. ========================================================================================= --> <!-- The version number, obtained from the logs (at startup) or the admin diagnostics page --> <!-- This is NOT the version number shown on the web vault, which is versioned separately from vaultwarden --> <!-- Remember to check if your issue exists on the latest version first! --> * vaultwarden version: 1.24.0 <!-- How the server was installed: Docker image, OS package, built from source, etc. --> * Install method: Docker Compose * Clients used: Android Client * Reverse proxy and version: traefik v2 * PostgreSQL version: PostgreSQL 11.15 (Debian 11.15-1.pgdg90+1) on x86_64-pc-linux-gnu * Other relevant details: ### Steps to reproduce <!-- Tell us how to reproduce this issue. What parameters did you set (differently from the defaults) and how did you start vaultwarden? --> - Using gboard auto completion on first login and/or after disconnecting the account - The email address input might have a trailing space. - Perform the login and you will get an authentication error. - The "issue" is not easily visible - looking in vaultwarden logs you find the error: `[2022-03-02 22:12:09.086][vaultwarden::api::identity][ERROR] Username or password is incorrect. Try again. IP: x.x.x.x. Username: xxxxxx@gmail.com .` - Note that the trailing dot is not attached to the email address as in the template: https://github.com/dani-garcia/vaultwarden/blob/main/src/api/identity.rs#L104 The issue seems not to be present using the official server. (I have not tried with self hosted one) ### Expected behaviour <!-- Tell us what you expected to happen --> Server perform trim on input email berfore looking for the user in the database. ### Actual behaviour <!-- Tell us what actually happened --> Login is rejected ### Troubleshooting data <!-- Share any log files, screenshots, or other relevant troubleshooting data -->

OVERLORD added the enhancement label 2026-02-05 00:20:11 +03:00

OVERLORD closed this issue 2026-02-05 00:20:16 +03:00

OVERLORD commented 2026-02-05 00:20:21 +03:00

Author

Owner

Copy Link

@jeda commented on GitHub (Mar 3, 2022):

Can reproduce on web vault too. Since autocomplete is happy to do this, it's probably best user-experience speaking if it is trimmed, for safety.

(For some reason though, /api/accounts/prelogin sends { email: "test@example.com" } while /identity/connect/token sends { "username": "test@example.com " }. Weird.)

@jeda commented on GitHub (Mar 3, 2022): Can reproduce on web vault too. Since autocomplete is happy to do this, it's probably best user-experience speaking if it is trimmed, for safety. (For some reason though, `/api/accounts/prelogin` sends `{ email: "test@example.com" }` while `/identity/connect/token` sends `{ "username": "test@example.com " }`. Weird.)

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1225