I know that many people believe it is wrong to edit Superglobals in PHP. But I found myself to always trim user input in every controller of my webapp. To solve the problem once and for all I now just trim all values of these Superglobals like that:
# trim ALL inputs
foreach ($_REQUEST as $key => $value) {
$_REQUEST[$key] = trim($value);
}
foreach ($_COOKIE as $key => $value) {
$_COOKIE[$key] = trim($value);
}
foreach ($_GET as $key => $value) {
$_GET[$key] = trim($value);
}
foreach ($_POST as $key => $value) {
$_POST[$key] = trim($value);
}
Some users might want to define a password that starts or ends with a whitespace. Apart from that I cannot think of any usecase where trimming might do any harm.
Has anybody else tried to trim these Superglobals and ran into strange side effects that I should be aware of?