I want to add custom validation, but I get an error while I add custom
function isValidInput(value) {
const regex = /<[^>]*>|javascript:/gi;
if (regex.test(value)) {
throw new Error('Input contains HTML tags or scripts');
}
}
module.exports.placeOrder = Joi.object({
buyer: Joi.object({
id: Joi.string().guid().required(),
name: Joi.string().required(),
email: Joi.string().email().required(),
}).required(),
organisation: Joi.object({
id: Joi.string().required(),
title: Joi.string().required(),
}).required(),
updated_by: Joi.object({
id: Joi.string().guid().required(),
name: Joi.string().allow(null),
email: Joi.string().allow(null),
}).required(),
program: Joi.array()
.items(
Joi.object({
id: Joi.string()
.regex(/^[a-zA-Z0-9-_]+={0,2}$/)
.required(),
producer: Joi.object({
id: Joi.string().guid().required(),
name: Joi.string().custom(isValidInput).required().allow(null),
email: Joi.string().email().allow(null),
}).required(),
channel_partner: Joi.object({
id: Joi.string().guid().required(),
name: Joi.string().required(),
email: Joi.string().required(),
}).required(),
igpid: Joi.string()
.regex(/^[a-zA-Z0-9-_]+={0,2}$/)
.optional(),
title: Joi.string().required(),
description: Joi.string().optional(),
initial_units: Joi.number().integer().required(),
program_source: Joi.string().required(),
genome_insight: Joi.string().optional(),
reach: Joi.number().integer().required(),
available_units: Joi.number().integer().optional(),
status: Joi.string().required(),
sdg: Joi.object({
program_sdg_names: Joi.array().items(Joi.string()).required(),
program_sdg_targets: Joi.array().items(Joi.string()).required(),
}).optional(),
})
)
.required(),
});
I want to add custom validation so that no external HTML tags or script is injected. I want to ensure no malicious script could be injected into the request. I'v got an error in the validation while I was using the joi version 14.
The error I recieve when trying to run the validation is
Joi.string().custom is not a function
Resolved Issue: Using Joi Version 14 versus Version 17
I experienced an issue in my project and successfully handled it, and I wanted to share the answer here in case anyone else runs into a similar situation.
The issue arose from utilizing an out-of-date version of Joi (version 14) in my project. The functionality I wanted, custom(), was unavailable in version 14. However, it was included in version 17.
After upgrading to the most recent version of Joi (version 17), everything reverted to normal, and I was able to use the custom() method as intended.
If you are experiencing similar problems with Joi, I suggest you upgrade to the most recent version to access all of the new features and bug fixes.
I hope this helps.