From fe1b3c322226c3363d92527fec91b0c0ff9245ad Mon Sep 17 00:00:00 2001
From: Nevil
Date: Mon, 1 Apr 2024 14:18:50 +0530
Subject: [PATCH 1/2] updated validation regex
---
 src/validators/v1/organization.js | 6 ++----
 src/validators/v1/user.js | 3 +--
 2 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/validators/v1/organization.js b/src/validators/v1/organization.js
index 9a0bcf838..2f30bd1ee 100644
--- a/src/validators/v1/organization.js
+++ b/src/validators/v1/organization.js
@@ -21,8 +21,7 @@ module.exports = {
 .trim()
 .notEmpty()
 .withMessage('description field is empty')
- .not()
- .matches(/(\b)(on\S+)(\s*)=|javascript:|<(|\/|[^\/>][^>]+|\/[^>][^>]+)>/gi)
+ .matches(/^[a-zA-Z0-9\-.,]+$/)
 .withMessage('invalid description')
 req.checkBody('domains').trim().notEmpty().withMessage('domains field is empty')
 },
@@ -43,8 +42,7 @@ module.exports = {
 .trim()
 .notEmpty()
 .withMessage('description field is empty')
- .not()
- .matches(/(\b)(on\S+)(\s*)=|javascript:|<(|\/|[^\/>][^>]+|\/[^>][^>]+)>/gi)
+ .matches(/^[a-zA-Z0-9\-.,]+$/)
 .withMessage('invalid description')
 },
diff --git a/src/validators/v1/user.js b/src/validators/v1/user.js
index a0ceb2c2f..806fa8375 100644
--- a/src/validators/v1/user.js
+++ b/src/validators/v1/user.js
@@ -38,8 +38,7 @@ module.exports = {
 .trim()
 .notEmpty()
 .withMessage('about field is empty')
- .not()
- .matches(/(\b)(on\S+)(\s*)=|javascript:|<(|\/|[^\/>][^>]+|\/[^>][^>]+)>/gi)
+ .matches(/^[a-zA-Z0-9\-.,]+$/)
 .withMessage('invalid about')
 req.checkBody('has_accepted_terms_and_conditions')
From dc5d7f68cc758824ab3c413de4c7b044919371b3 Mon Sep 17 00:00:00 2001
From: Nevil
Date: Mon, 1 Apr 2024 14:24:31 +0530
Subject: [PATCH 2/2] added whitespace
---
 src/validators/v1/organization.js | 4 ++--
 src/validators/v1/user.js | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/validators/v1/organization.js b/src/validators/v1/organization.js
index 2f30bd1ee..dfb6b6f2d 100644
--- a/src/validators/v1/organization.js
+++ b/src/validators/v1/organization.js
@@ -21,7 +21,7 @@ module.exports = {
 .trim()
 .notEmpty()
 .withMessage('description field is empty')
- .matches(/^[a-zA-Z0-9\-.,]+$/)
+ .matches(/^[a-zA-Z0-9\-.,\s]+$/)
 .withMessage('invalid description')
 req.checkBody('domains').trim().notEmpty().withMessage('domains field is empty')
 },
@@ -42,7 +42,7 @@ module.exports = {
 .trim()
 .notEmpty()
 .withMessage('description field is empty')
- .matches(/^[a-zA-Z0-9\-.,]+$/)
+ .matches(/^[a-zA-Z0-9\-.,\s]+$/)
 .withMessage('invalid description')
 },
diff --git a/src/validators/v1/user.js b/src/validators/v1/user.js
index 806fa8375..91c49f40b 100644
--- a/src/validators/v1/user.js
+++ b/src/validators/v1/user.js
@@ -38,7 +38,7 @@ module.exports = {
 .trim()
 .notEmpty()
 .withMessage('about field is empty')
- .matches(/^[a-zA-Z0-9\-.,]+$/)
+ .matches(/^[a-zA-Z0-9\-.,\s]+$/)
 .withMessage('invalid about')
 req.checkBody('has_accepted_terms_and_conditions')
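Review bot: `\s` in the new `.matches(/^[a-zA-Z0-9\-.,\s]+$/)` on `description` (first hunk of organization.js) admits much more than a space: in JavaScript it also matches tab, CR, LF, vertical tab, form feed, NBSP and the Unicode line and paragraph separators, and the `.trim()` earlier in the chain would at most remove them at the ends. If the description is ever written to a single-line sink such as a log line, CSV cell or mail header (not visible from this hunk), embedded line breaks let one value span several records. If multi-line text is not intended, a literal space is enough: `.matches(/^[a-zA-Z0-9\-., ]+$/)`; the same applies to the second hunk in this file and to `about` in user.js. The validator chain begins above the hunk.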
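Review bot: The pattern `/^[a-zA-Z0-9\-.,\s]+$/` is now pasted as a literal in this hunk (organization.js, around line 42), in the hunk above it and in src/validators/v1/user.js, and this two-commit series already had to edit all three copies to add one character. A single named constant, for example `const FREE_TEXT_PATTERN = /^[a-zA-Z0-9\-.,\s]+$/` exported from a shared module, with a comment saying it is an allowlist that replaced the earlier markup denylist, would keep the three validators from drifting apart. Drift matters here because a copy that misses a later tightening becomes a validation gap on that endpoint. The pattern has no `g` flag, so a shared RegExp carries no `lastIndex` state and is safe to reuse.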
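Review bot: The allowlist on `about` in user.js is ASCII-only, so a profile text containing an apostrophe, parentheses, `?`, `!` or any non-Latin letter is rejected with 'invalid about'; the same class guards `description` in organization.js. If that is not intended, Unicode property escapes keep the allowlist shape: `.matches(/^[\p{L}\p{N}\-.,\s]+$/u)`. Either way, the denylist this series replaced existed to stop markup, and the durable control for that is contextual output encoding wherever `about` is rendered, so the validator is worth marking as defence in depth with a comment such as `// allowlist only; rendering code must still HTML-encode this field`. The chain starts above the hunk and the `req.checkBody('has_accepted_terms_and_conditions')` call continues below it.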