net/upnp: fix ACL entry validation and error messages

[peloyeje]

Important notices
Before you submit a pull request, we ask you kindly to acknowledge the following:

• I have read the contributing guidelines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
• I opened an issue first for non-trivial changes and linked it below.
• AI tools were used to create at least part of the code submitted herewith.

---

Describe the problem
Two issues with ACL entry validation on the UPnP settings page (/services_upnp.php):

1. Trailing whitespace causes false validation failure: explode(' ', ...) on an ACL entry with trailing whitespace (e.g. allow 1024-65535 192.168.1.0/24 1024-65535 ) produces 5 tokens instead of 4.
2. Error messages reference wrong field name: Validation errors say "User specified permissions N" but the UI labels the fields as "ACL entry N".

---

Describe the proposed solution

• trim() ACL input before validation and before saving to config
• Replace "User specified permissions" with "ACL entry" in validation error messages to match the UI label

---

This is my first contribution to this project, happy to address any feedback!

[fichtner]

From a validation standpoint the project‘s view is that trim() doesn’t often help but mostly obscures data paths. It’s more of a premature optimization that bypasses validation. MVC can deal with this slightly better and since this is an old static PHP page we’d also like to keep it as it was.

Cheers,
Franco

[peloyeje]

From a validation standpoint the project‘s view is that trim() doesn’t often help but mostly obscures data paths. It’s more of a premature optimization that bypasses validation. MVC can deal with this slightly better and since this is an old static PHP page we’d also like to keep it as it was.

Cheers, Franco

Hi @fichtner

Thank you for the quick feedback.
Would you be open to a smaller change affecting doc only, to give a hint to users that ACL validation may fail because of trailing whitespace then?

Cheers