As you many observe that rdiffweb strictly has a password policy where it prompts out that the password should be between 8 and 128 characters . But the application does not filter blank spaces used in a password
1) Go to https://rdiffweb-demo.ikus-soft.com/prefs/general
2) Change the password . Old password - admin123 and set the new password as 10 blank spaces(tapping the space bar 10 times)
3) You can see that the application accepts blank spaces in a password and do not scrape them out