Bug 451069

Summary: Sanitize pasted password text to remove newlines
Product: [Plasma] plasmashell Reporter: Ilario Gottardello <ilario.gottardello>
Component: Networks widgetAssignee: Jan Grulich <jgrulich>
Status: RESOLVED INTENTIONAL    
Severity: wishlist CC: nate
Priority: NOR Keywords: usability
Version First Reported In: master   
Target Milestone: 1.0   
Platform: Neon   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Ilario Gottardello 2022-03-03 07:13:54 UTC 
SUMMARY
When entering a password for a VPN connection, cariage return will not be removed so a simple double click - middle button copy-paste will fail.

STEPS TO REPRODUCE
1. Connect to a VPN (in my case OpenVPN)
2. copy-paste the password from a text file
3. Connection will fail because of wrong password

OBSERVED RESULT
Cariage return is pasted and considered a character of the password

EXPECTED RESULT
Invalid characters should be stripped

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: KDE neon 5.24
KDE Plasma Version: 5.24.2
KDE Frameworks Version: 5.91.0
Qt Version: 5.15.3

ADDITIONAL INFORMATION
I know passwords should not be saved in text files and so on, but it is like it is. The same password is used to connect to Teams and selecting it double clicking the line and pasting with middle button works as expected.
Comment 1 Ben Cooksley 2024-12-23 18:25:46 UTC 
Bulk transfer as requested in T17796
Comment 2 Nate Graham 2025-10-24 04:19:33 UTC 
But what if the password actually contains a newline character? In this supported but admittedly weird case, you'd actually be unable to authenticate. I don't think we can do this.
Comment 3 Ilario Gottardello 2025-10-24 07:22:28 UTC 
Well, honestly I don't know if it is possible to use the newline character on the password. If it is, I don't know how :D

I was simply comparing Teams and the VPN dialog box and I saw that Teams automatically trimmed the password, so it was very convenient copy pasting from a text file. But, if the newline character may effectively be used inside the password, my argument is bogus.