Leading/trailing spaces are allowed in string fields for some API endpoints #12506
Description
problem
Currently, some API endpoints allow saving string fields with leading or trailing spaces. This behavior can lead to inconsistent data and unexpected UI/API issues.
For example, when creating or updating certain resources (e.g. volumes, templates, ISOs), values with spaces at the beginning or end of the string are accepted and stored successfully, while they should instead be rejected with a validation error.
Here is the list of API endpoints where the issue occurs for the name and description fields:
- registerIso / updateIso
- createVolume / updateVolume / uploadVolume
- registerTemplate / updateTemplate
- updateNetwork / createNetwork / createNetworkACL / updateNetworkACLList
- createVPC / updateVPC
- createVpnCustomerGateway / createVpnGateway / createVpnCustomerGateway
Please also check other endpoints where this issue might occur, as similar validation problems may exist elsewhere.
versions
CloudStack 4.20.2.0
The steps to reproduce the bug
- Call one of the affected endpoints (for example: ISO creation or update).
- Provide string fields with leading or trailing spaces.
- Observe that the request is accepted and the data is stored.
{
"listisosresponse": {
"count": 1,
"iso": [
{
"id": "fee7a4be-b9cd-41d9-81c9-e948332e605b",
"name": " test name ",
"displaytext": " text ",
"isready": true,
"url": "my_url",
....
}
]
}
}
What to do about it?
The API should not allow leading or trailing spaces in string fields. It would be preferable to introduce this validation globally for all string fields across the API