From 203b9131ec895cafbb10e9c2aacd6b2c45e6b9f4 Mon Sep 17 00:00:00 2001
From: Josh Richards <josh.t.richards@gmail.com>
Date: Thu, 30 Mar 2023 11:59:13 -0400
Subject: [PATCH] Trim the user/email provided for password resets

Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
---
 core/Controller/LostController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index 044535c345b..36b8dca6ddb 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -208,7 +208,7 @@ class LostController extends Controller {
 
 		// FIXME: use HTTP error codes
 		try {
-			$this->sendEmail($user);
+			$this->sendEmail(trim($user));
 		} catch (ResetPasswordException $e) {
 			// Ignore the error since we do not want to leak this info
 			$this->logger->warning('Could not send password reset email: ' . $e->getMessage());
-- 
2.39.5