HTML validator has been set at serializer level

Author: bishwaspraveen

feedback/serializers.py

@@ -1,9 +1,28 @@
+import re
+
 from rest_framework import serializers
 
 from .models import ContentCurationRequest, Feedback
 
 
+class HTMLFreeCharField(serializers.CharField):
+    def to_internal_value(self, data):
+        value = super().to_internal_value(data)
+
+        if re.search(r"<[^>]+>", value):
+            raise serializers.ValidationError("HTML tags are not allowed in this field")
+
+        return value
+
+
 class FeedbackSerializer(serializers.ModelSerializer):
+
+    name = HTMLFreeCharField(max_length=150)
+    email = serializers.EmailField()
+    subject = HTMLFreeCharField(max_length=400)
+    comments = HTMLFreeCharField()
+    source = HTMLFreeCharField(max_length=50, required=False, default="SDE")
+
     class Meta:
         model = Feedback
         fields = [