From 4c3003e6f0e07286fe3f616205106900229edf7d Mon Sep 17 00:00:00 2001
From: Venkat Kandagaddala <venky.kandagaddala@gmail.com>
Date: Wed, 28 Aug 2024 17:47:43 +0530
Subject: [PATCH] Prevent input text boxes with HTML and javascript

---
 .../create-event/create-event.component.html  |  10 +
 .../create-event/create-event.component.ts    |   7 +-
 .../edit-event/edit-event.component.html      |  12 +-
 .../events/edit-event/edit-event.component.ts |   7 +-
 .../request-copy-details.component.html       | 549 +++++++++---------
 .../request-copy-details.component.ts         |  23 +-
 .../requests-approval.component.html          |   8 +-
 .../requests-approval.component.ts            |   3 +-
 .../edit-sector/edit-sector.component.html    |   3 +-
 .../edit-sector/edit-sector.component.ts      |  15 +-
 .../prevent-html-and-js.validator.ts          |  12 +
 11 files changed, 363 insertions(+), 286 deletions(-)
 create mode 100644 project/ws/app/src/lib/routes/home/validators/prevent-html-and-js.validator.ts

diff --git a/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.html b/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.html
index 3f87546a..e43b1db3 100644
--- a/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.html
+++ b/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.html
@@ -132,6 +132,12 @@
                                                                                     createEventForm?.controls['description'].errors?.required">
                                     Description is mandatory
                                 </mat-error>
+                                <mat-error [hidden]="false" i18n="description Error|Explains description is required"
+                                    i18n-aria-label aria-label="description Error|Explains description is required "
+                                    *ngIf="createEventForm?.controls['description']?.touched &&
+                                        createEventForm?.controls['description'].errors?.noHtml">
+                                    HTML and javascript is not allowed
+                                </mat-error>
                                 <mat-hint>{{description.value.length}}/1000 characters</mat-hint>
                             </mat-form-field>
                         </div>
@@ -149,6 +155,10 @@
                                     *ngIf="createEventForm?.controls['agenda']?.touched && createEventForm?.controls['agenda'].errors?.required">
                                     Agenda is mandatory
                                 </mat-error>
+                                <mat-error [hidden]="false"
+                                    *ngIf="createEventForm?.controls['agenda']?.touched && createEventForm?.controls['agenda'].errors?.noHtml">
+                                    HTML and javascript is not allowed
+                                </mat-error>
                                 <mat-hint>{{agenda.value.length}}/500 characters</mat-hint>
                             </mat-form-field>
                         </div>
diff --git a/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.ts b/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.ts
index 4bdc8592..0a19a35f 100644
--- a/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.ts
+++ b/project/ws/app/src/lib/routes/home/routes/events/create-event/create-event.component.ts
@@ -15,6 +15,7 @@ import { MomentDateAdapter } from '@angular/material-moment-adapter'
 import _ from 'lodash'
 import { TelemetryEvents } from '../../events/model/telemetry.event.model'
 import { ProfileV2UtillService } from '../services/home-utill.service'
+import { preventHtmlAndJs } from '../../../validators/prevent-html-and-js.validator'
 /* tslint:enable */
 
 export const MY_FORMATS = {
@@ -146,8 +147,8 @@ export class CreateEventComponent implements OnInit {
       eventPicture: new FormControl('', [Validators.required]),
       eventTitle: new FormControl('', [Validators.required]),
       // summary: new FormControl('', [Validators.required]),
-      description: new FormControl('', [Validators.required]),
-      agenda: new FormControl('', []),
+      description: new FormControl('', [Validators.required, preventHtmlAndJs()]),
+      agenda: new FormControl('', [preventHtmlAndJs()]),
       // isItKarmayogiTalk: new FormControl('', []),
       eventType: new FormControl('', [Validators.required]),
       eventDate: new FormControl('', [Validators.required]),
@@ -580,7 +581,7 @@ export class CreateEventComponent implements OnInit {
     this.dialogRef.afterClosed().subscribe(() => {
       setTimeout(() => {
         this.router.navigate([`/app/home/events`])
-      },         700)
+      }, 700)
     })
   }
 
diff --git a/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.html b/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.html
index cdafcd55..68718b3a 100644
--- a/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.html
+++ b/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.html
@@ -135,9 +135,15 @@
                                 <mat-error [hidden]="false" i18n="description Error|Explains description is required"
                                     i18n-aria-label aria-label="description Error|Explains description is required "
                                     *ngIf="createEventForm?.controls['description']?.touched &&
-                                                                                    createEventForm?.controls['description'].errors?.required">
+                                        createEventForm?.controls['description'].errors?.required">
                                     Description is mandatory
                                 </mat-error>
+                                <mat-error [hidden]="false" i18n="description Error|Explains description is required"
+                                    i18n-aria-label aria-label="description Error|Explains description is required "
+                                    *ngIf="createEventForm?.controls['description']?.touched &&
+                                    createEventForm?.controls['description'].errors?.noHtml">
+                                    HTML and javascript is not allowed
+                                </mat-error>
                                 <mat-hint>{{description.value.length}}/1000 characters</mat-hint>
                             </mat-form-field>
                         </div>
@@ -155,6 +161,10 @@
                                     *ngIf="createEventForm?.controls['agenda']?.touched && createEventForm?.controls['agenda'].errors?.required">
                                     Agenda is mandatory
                                 </mat-error>
+                                <mat-error [hidden]="false"
+                                    *ngIf="createEventForm?.controls['agenda']?.touched && createEventForm?.controls['agenda'].errors?.noHtml">
+                                    HTML or Js is not allowed
+                                </mat-error>
                                 <mat-hint>{{agenda.value.length}}/500 characters</mat-hint>
                             </mat-form-field>
                         </div>
diff --git a/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.ts b/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.ts
index cefa3acb..4e423df9 100644
--- a/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.ts
+++ b/project/ws/app/src/lib/routes/home/routes/events/edit-event/edit-event.component.ts
@@ -15,6 +15,7 @@ import _ from 'lodash'
 import { TelemetryEvents } from '../model/telemetry.event.model'
 import { ProfileV2UtillService } from '../services/home-utill.service'
 import { MomentDateAdapter } from '@angular/material-moment-adapter'
+import { preventHtmlAndJs } from '../../../validators/prevent-html-and-js.validator'
 /* tslint:enable */
 
 export const MY_FORMATS = {
@@ -151,8 +152,8 @@ export class EditEventComponent implements OnInit {
       eventPicture: new FormControl('', [Validators.required]),
       eventTitle: new FormControl('', [Validators.required]),
       // summary: new FormControl('', []),
-      description: new FormControl('', [Validators.required]),
-      agenda: new FormControl('', []),
+      description: new FormControl('', [Validators.required, preventHtmlAndJs()]),
+      agenda: new FormControl('', [preventHtmlAndJs()]),
       // isItKarmayogiTalk: new FormControl('', []),
       eventType: new FormControl('', [Validators.required]),
       eventDate: new FormControl('', [Validators.required]),
@@ -574,7 +575,7 @@ export class EditEventComponent implements OnInit {
               this.displayLoader = false
               this.openSnackbar('Event details are successfuly updated.')
               this.router.navigate([`/app/home/events`])
-            },         5000)
+            }, 5000)
           }
         },
         (err: any) => {
diff --git a/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.html b/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.html
index a606e644..4f09d355 100644
--- a/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.html
+++ b/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.html
@@ -1,278 +1,301 @@
 <div class="flex flex-4 flex-column main-container">
-    <mat-card class="card-section">
-      <span class="flex">
-        <mat-icon class="arrow-btn" (click)="navigateBack()">arrow_back</mat-icon>
-        <mat-card-title class="flex-4 mobile-margin mat-h2 title-request">
-          {{isHideData ? 'Go Back':'Request Content'}}
-        </mat-card-title>
-      </span>
-      
-      <mat-card-content>
-        <div class="form-element">
-            <form [formGroup]="requestForm">
-                <div class="title-name">
-                    <div class="fonm-element-label label-text">Title <span class="required"></span></div>
-                    <mat-form-field appearance="outline" class="w-full" fxFlex="40">
-                        <input class="w-full placeholder-text" matInput placeholder="Enter Title" formControlName="titleName" maxlength="70">
-                        <mat-hint align="end">{{ requestForm.controls['titleName'].value.length }} / 70</mat-hint>                    
-                        <mat-error *ngIf="requestForm.controls['titleName'].hasError('required')">
-                          Please enter a title for the request.
-                        </mat-error>
-                        <mat-error
-                        *ngIf="requestForm.controls['titleName'].hasError('minlength') && !requestForm.controls['titleName'].errors?.pattern"
-                        i18n="name Error|Explains name is required">
-                        Minimum characters left to create {{10 - requestForm.controls['titleName'].value.length}}
-                      </mat-error>
-                      <mat-error *ngIf="requestForm.controls['titleName'].errors?.pattern"
-                        i18n="name Error|Explains name is required">
-                        Only {{specialCharList}} characters are supported
-                      </mat-error>
-                      <mat-hint>
-                        Only {{specialCharList}} characters are supported
-                      </mat-hint>
-                    </mat-form-field>
+  <mat-card class="card-section">
+    <span class="flex">
+      <mat-icon class="arrow-btn" (click)="navigateBack()">arrow_back</mat-icon>
+      <mat-card-title class="flex-4 mobile-margin mat-h2 title-request">
+        {{isHideData ? 'Go Back':'Request Content'}}
+      </mat-card-title>
+    </span>
+
+    <mat-card-content>
+      <div class="form-element">
+        <form [formGroup]="requestForm">
+          <div class="title-name">
+            <div class="fonm-element-label label-text">Title <span class="required"></span></div>
+            <mat-form-field appearance="outline" class="w-full" fxFlex="40">
+              <input class="w-full placeholder-text" matInput placeholder="Enter Title" formControlName="titleName"
+                maxlength="70">
+              <mat-hint align="end">{{ requestForm.controls['titleName'].value.length }} / 70</mat-hint>
+              <mat-error *ngIf="requestForm.controls['titleName'].hasError('required')">
+                Please enter a title for the request.
+              </mat-error>
+              <mat-error
+                *ngIf="requestForm.controls['titleName'].hasError('minlength') && !requestForm.controls['titleName'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                Minimum characters left to create {{10 - requestForm.controls['titleName'].value.length}}
+              </mat-error>
+              <mat-error *ngIf="requestForm.controls['titleName'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                Only {{specialCharList}} characters are supported
+              </mat-error>
+              <mat-error
+                *ngIf="requestForm.controls['titleName'].errors?.noHtml && !requestForm.controls['titleName'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                HTML or Js is not allowed
+              </mat-error>
+              <mat-hint>
+                Only {{specialCharList}} characters are supported
+              </mat-hint>
+            </mat-form-field>
+          </div>
+          <div class="title-name">
+            <div class="fonm-element-label label-text">Objective <span class="required"></span></div>
+            <mat-form-field appearance="outline" class="w-full field-height" fxFlex="40">
+              <textarea matInput class="w-full  placeholder-text" [matTextareaAutosize] [matAutosizeMaxRows]="10"
+                [matAutosizeMinRows]="5" formControlName="Objective" placeholder="Provide the objective of the content"
+                maxlength="500" i18n-placeholder></textarea>
+              <!-- <input class="w-full" matInput placeholder="Enter Objective" formControlName="Objective" maxlength="500"> -->
+              <mat-hint align="end">{{ requestForm.controls['Objective'].value.length }} / 500</mat-hint>
+              <mat-error *ngIf="requestForm.controls['Objective'].hasError('required')">
+                Please enter the objective of the request.
+              </mat-error>
+              <mat-error
+                *ngIf="requestForm.controls['Objective'].hasError('minlength') && !requestForm.controls['Objective'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                Minimum characters left to create {{10 - requestForm.controls['Objective'].value.length}}
+              </mat-error>
+              <mat-error
+                *ngIf="requestForm.controls['Objective'].hasError('noHtml') && !requestForm.controls['Objective'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                HTML or Js is not allowed
+              </mat-error>
+              <mat-error *ngIf="requestForm.controls['Objective'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                Only {{specialCharList}} characters are supported
+              </mat-error>
+              <mat-hint>
+                Only {{specialCharList}} characters are supported
+              </mat-hint>
+            </mat-form-field>
+          </div>
+          <div class="title-name">
+            <div class="fonm-element-label label-text">Type of user</div>
+            <mat-form-field appearance="outline" class="w-full field-height" fxFlex="40">
+              <!-- <input class="w-full" matInput placeholder="Enter Type of user" formControlName="userType" maxlength="500"> -->
+              <textarea matInput class="w-full placeholder-text" [matTextareaAutosize] [matAutosizeMaxRows]="10"
+                [matAutosizeMinRows]="2" formControlName="userType" placeholder="Example for ASO and above"
+                maxlength="500" i18n-placeholder></textarea>
+              <mat-hint align="end">{{ requestForm.controls['userType'].value.length }} / 500</mat-hint>
+              <mat-error
+                *ngIf="requestForm.controls['userType'].hasError('minlength') && !requestForm.controls['userType'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                Minimum characters left to create {{10 - requestForm.controls['userType'].value.length}}
+              </mat-error>
+              <mat-error
+                *ngIf="requestForm.controls['userType'].hasError('noHtml') && !requestForm.controls['userType'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                HTML or Js is not allowed
+              </mat-error>
+              <mat-error *ngIf="requestForm.controls['userType'].errors?.pattern"
+                i18n="name Error|Explains name is required">
+                Only {{specialCharList}} characters are supported
+              </mat-error>
+              <mat-hint>
+                Only {{specialCharList}} characters are supported
+              </mat-hint>
+            </mat-form-field>
+          </div>
+          <div class="title-name">
+            <div class="fonm-element-label label-text">Learning Mode</div>
+            <div class="mt-5">
+              <mat-radio-group aria-label="Select an option" formControlName="learningMode">
+                <mat-radio-button class="learning-section" *ngFor="let item of learningList"
+                  [value]="item.key">{{item.name}}</mat-radio-button>
+
+              </mat-radio-group>
+            </div>
+          </div>
+
+          <div class="title-name">
+            <span class="comp-heading">Targeted Competencies</span>
+            <div class="flex-1">
+              <div class="margin-bottom-m">
+                <p class="mat-subheading-2">Competency Area</p>
+                <ng-container *ngIf="filteredallCompetencies">
+                  <mat-radio-group name="competencyArea" class="flex tgl-group margin-top-s flex-wrap"
+                    formControlName="compArea">
+                    <mat-radio-button matInput [name]="'radio-' + option.name"
+                      class="flex flex-row itm-center ws-mat-accent-border margin-right-s"
+                      *ngFor="let option of filteredallCompetencies" [value]="option.name"
+                      (change)="compAreaSelected(option)">
+                      <span class="mat-body-2">{{option.name}}</span>
+                    </mat-radio-button>
+                  </mat-radio-group>
+                </ng-container>
+              </div>
+
+              <div class="margin-bottom-m" *ngIf="allCompetencyTheme && allCompetencyTheme.length > 0">
+                <p class="mat-subheading-2">Competency Theme</p>
+                <div class="flex flex-1 flex-row margin-fix search">
+                  <mat-form-field appearance="outline" class="autocomplete-form" color="primary" [floatLabel]="'never'">
+                    <mat-icon matPrefix class="search-home flex items-center justify-center">search</mat-icon>
+                    <mat-label>Search</mat-label>
+                    <input type="search" #searchInput class="ml-2 flex-1" i18n-placeholder="search"
+                      [placeholder]="'Search'" i18-aria-label aria-label="Search" matInput
+                      formControlName="queryThemeControl" maxlength="50" (keyup)="updateQuery('theme')" />
+                  </mat-form-field>
+                  <button class="margin-top-s" mat-icon-button (click)="resetSearch('theme')">
+                    <mat-icon>refresh</mat-icon>
+                  </button>
                 </div>
-                <div class="title-name">
-                    <div class="fonm-element-label label-text">Objective <span class="required"></span></div>
-                    <mat-form-field appearance="outline" class="w-full field-height" fxFlex="40">
-                      <textarea matInput class="w-full  placeholder-text" [matTextareaAutosize] [matAutosizeMaxRows]="10"
-                      [matAutosizeMinRows]="5" formControlName="Objective" placeholder="Provide the objective of the content"
-                      maxlength="500" i18n-placeholder></textarea>
-                        <!-- <input class="w-full" matInput placeholder="Enter Objective" formControlName="Objective" maxlength="500"> -->
-                        <mat-hint align="end">{{ requestForm.controls['Objective'].value.length }} / 500</mat-hint>                    
-                        <mat-error *ngIf="requestForm.controls['Objective'].hasError('required')">
-                          Please enter the objective of the request.
-                        </mat-error>
-                        <mat-error
-                        *ngIf="requestForm.controls['Objective'].hasError('minlength') && !requestForm.controls['Objective'].errors?.pattern"
-                        i18n="name Error|Explains name is required">
-                        Minimum characters left to create {{10 - requestForm.controls['Objective'].value.length}}
-                      </mat-error>
-                      <mat-error *ngIf="requestForm.controls['Objective'].errors?.pattern"
-                        i18n="name Error|Explains name is required">
-                        Only {{specialCharList}} characters are supported
-                      </mat-error>
-                      <mat-hint>
-                        Only {{specialCharList}} characters are supported
-                      </mat-hint>
-                    </mat-form-field>
+                <div>
+                  <span class="display-inline-block complabels mat-caption cursor-pointer"
+                    [ngClass]="{active: (seletedCompetencyTheme && option.id === seletedCompetencyTheme.id)}"
+                    (click)="compThemeSelected(option)"
+                    *ngFor="let option of filteredallCompetencyTheme">{{option.name}}</span>
                 </div>
-                <div class="title-name">
-                    <div class="fonm-element-label label-text">Type of user</div>
-                    <mat-form-field appearance="outline" class="w-full field-height" fxFlex="40">
-                        <!-- <input class="w-full" matInput placeholder="Enter Type of user" formControlName="userType" maxlength="500"> -->
-                        <textarea matInput class="w-full placeholder-text" [matTextareaAutosize] [matAutosizeMaxRows]="10"
-                        [matAutosizeMinRows]="2" formControlName="userType" placeholder="Example for ASO and above"
-                        maxlength="500" i18n-placeholder></textarea>
-                        <mat-hint align="end">{{ requestForm.controls['userType'].value.length }} / 500</mat-hint>                    
-                        <mat-error
-                        *ngIf="requestForm.controls['userType'].hasError('minlength') && !requestForm.controls['userType'].errors?.pattern"
-                        i18n="name Error|Explains name is required">
-                        Minimum characters left to create {{10 - requestForm.controls['userType'].value.length}}
-                      </mat-error>
-                      <mat-error *ngIf="requestForm.controls['userType'].errors?.pattern"
-                        i18n="name Error|Explains name is required">
-                        Only {{specialCharList}} characters are supported
-                      </mat-error>
-                      <mat-hint>
-                        Only {{specialCharList}} characters are supported
-                      </mat-hint>
-                    </mat-form-field>
+              </div>
+
+              <div class="margin-bottom-m" *ngIf="allCompetencySubtheme && allCompetencySubtheme.length > 0">
+                <p class="mat-subheading-2">Competency Sub theme</p>
+                <div class="flex flex-1 flex-row margin-fix search">
+                  <mat-form-field appearance="outline" class="autocomplete-form" color="primary" [floatLabel]="'never'">
+                    <mat-icon matPrefix class="search-home flex items-center justify-center">search</mat-icon>
+                    <mat-label>Search</mat-label>
+                    <input type="search" #searchInput class="ml-2 flex-1" i18n-placeholder="search"
+                      [placeholder]="'Search'" i18-aria-label aria-label="Search" matInput
+                      formControlName="querySubThemeControl" maxlength="50" (keyup)="updateQuery('subtheme')" />
+                  </mat-form-field>
+                  <button class="margin-top-s" mat-icon-button (click)="resetSearch('subtheme')">
+                    <mat-icon>refresh</mat-icon>
+                  </button>
                 </div>
-                <div class="title-name">
-                    <div class="fonm-element-label label-text">Learning Mode</div>
-                    <div class="mt-5">
-                    <mat-radio-group aria-label="Select an option" formControlName="learningMode" >
-                        <mat-radio-button class="learning-section"  *ngFor="let item of learningList"  [value]="item.key"  >{{item.name}}</mat-radio-button>
-                    
-                      </mat-radio-group>
-                    </div>
+                <div>
+                  <span class="display-inline-block complabels mat-caption cursor-pointer"
+                    [ngClass]="{active: (seletedCompetencySubTheme && option.id === seletedCompetencySubTheme.id)}"
+                    (click)="compSubThemeSelected(option)"
+                    *ngFor="let option of filteredallCompetencySubtheme">{{option.name}}</span>
                 </div>
-                
-                <div class="title-name">
-                    <span class="comp-heading">Targeted Competencies</span>
-                    <div class="flex-1">
-                      <div class="margin-bottom-m">
-                        <p class="mat-subheading-2">Competency Area</p>
-                        <ng-container *ngIf="filteredallCompetencies">
-                          <mat-radio-group name="competencyArea" class="flex tgl-group margin-top-s flex-wrap"
-                          formControlName="compArea">
-                            <mat-radio-button matInput [name]="'radio-' + option.name"
-                              class="flex flex-row itm-center ws-mat-accent-border margin-right-s"
-                              *ngFor="let option of filteredallCompetencies" [value]="option.name"
-                              (change)="compAreaSelected(option)">
-                              <span class="mat-body-2">{{option.name}}</span>
-                            </mat-radio-button>
-                          </mat-radio-group>
-                        </ng-container>
-                      </div>
-    
-                  <div class="margin-bottom-m" *ngIf="allCompetencyTheme && allCompetencyTheme.length > 0">
-                        <p class="mat-subheading-2">Competency Theme</p>
-                        <div class="flex flex-1 flex-row margin-fix search">
-                          <mat-form-field appearance="outline" class="autocomplete-form" color="primary"
-                            [floatLabel]="'never'">
-                            <mat-icon matPrefix class="search-home flex items-center justify-center">search</mat-icon>
-                            <mat-label>Search</mat-label>
-                            <input type="search" #searchInput class="ml-2 flex-1" i18n-placeholder="search"
-                              [placeholder]="'Search'" i18-aria-label aria-label="Search" matInput
-                              formControlName="queryThemeControl" maxlength="50"
-                              (keyup)="updateQuery('theme')" />
-                          </mat-form-field>
-                          <button class="margin-top-s" mat-icon-button (click)="resetSearch('theme')">
-                            <mat-icon>refresh</mat-icon>
-                          </button>
-                        </div>
-                        <div>
-                          <span class="display-inline-block complabels mat-caption cursor-pointer"
-                            [ngClass]="{active: (seletedCompetencyTheme && option.id === seletedCompetencyTheme.id)}"
-                            (click)="compThemeSelected(option)"
-                            *ngFor="let option of filteredallCompetencyTheme">{{option.name}}</span>
-                        </div>
-                      </div>
-    
-                       <div class="margin-bottom-m" *ngIf="allCompetencySubtheme && allCompetencySubtheme.length > 0">
-                        <p class="mat-subheading-2">Competency Sub theme</p>
-                        <div class="flex flex-1 flex-row margin-fix search">
-                          <mat-form-field appearance="outline" class="autocomplete-form" color="primary"
-                            [floatLabel]="'never'">
-                            <mat-icon matPrefix class="search-home flex items-center justify-center">search</mat-icon>
-                            <mat-label>Search</mat-label>
-                            <input type="search" #searchInput class="ml-2 flex-1" i18n-placeholder="search"
-                              [placeholder]="'Search'" i18-aria-label aria-label="Search" matInput
-                              formControlName="querySubThemeControl" maxlength="50"
-                              (keyup)="updateQuery('subtheme')" />
-                          </mat-form-field>
-                          <button class="margin-top-s" mat-icon-button (click)="resetSearch('subtheme')">
-                            <mat-icon>refresh</mat-icon>
-                          </button>
-                        </div>
-                        <div>
-                          <span class="display-inline-block complabels mat-caption cursor-pointer"
-                            [ngClass]="{active: (seletedCompetencySubTheme && option.id === seletedCompetencySubTheme.id)}"
-                            (click)="compSubThemeSelected(option)"
-                            *ngFor="let option of filteredallCompetencySubtheme">{{option.name}}</span>
-                        </div>
-                      </div> 
-    
-                      <div class="margin-bottom-l">
-                        <button mat-raised-button type="button"
-                          class="ws-mat-default-text ws-mat-accent-border-active compbutton"
-                          [disabled]="!enableCompetencyAdd" (click)="addCompetency()">
-                          <span class="mat-subheading-2 padding-xs" i18n style="vertical-align: unset;">Add</span>
-                        </button>
-                      </div>
-                    </div>
-                      <div class="flex new-mobile">
-                <div class="flex-1" >
-                  <div class="flex flex-1" *ngIf="requestForm.controls?.competencies_v5?.value?.length > 0">
-                    <table class="compt-table width-1-1 text-left margin-bottom-xl" cellspacing="0">
-                      <tr>
-                        <th class="padding-xs ws-mat-black60-text mat-body-1">Area</th>
-                        <th class="padding-xs ws-mat-black60-text mat-body-1">Theme</th>
-                        <th class="padding-xs ws-mat-black60-text mat-body-1">Sub theme</th>
-                      </tr>
-                      <tr   *ngFor="let comp of requestForm.controls?.competencies_v5?.value"  [attr.disabled]="isCompetencyHide ? true : null"  (click)=view(comp)>
-                        <td  class="padding-xs mat-body-1 cursor-pointer">{{comp.competencyArea}}</td>
-                        <td class="padding-xs mat-body-1 cursor-pointer">{{comp.competencyTheme || comp.name}}</td>
-                        <td class="padding-xs mat-body-1 cursor-pointer">{{comp.competencySubTheme ||
-                          comp.selectedLevelLevel}}</td>
-                      </tr>
-                    </table>
-                  </div>
+              </div>
+
+              <div class="margin-bottom-l">
+                <button mat-raised-button type="button"
+                  class="ws-mat-default-text ws-mat-accent-border-active compbutton" [disabled]="!enableCompetencyAdd"
+                  (click)="addCompetency()">
+                  <span class="mat-subheading-2 padding-xs" i18n style="vertical-align: unset;">Add</span>
+                </button>
+              </div>
+            </div>
+            <div class="flex new-mobile">
+              <div class="flex-1">
+                <div class="flex flex-1" *ngIf="requestForm.controls?.competencies_v5?.value?.length > 0">
+                  <table class="compt-table width-1-1 text-left margin-bottom-xl" cellspacing="0">
+                    <tr>
+                      <th class="padding-xs ws-mat-black60-text mat-body-1">Area</th>
+                      <th class="padding-xs ws-mat-black60-text mat-body-1">Theme</th>
+                      <th class="padding-xs ws-mat-black60-text mat-body-1">Sub theme</th>
+                    </tr>
+                    <tr *ngFor="let comp of requestForm.controls?.competencies_v5?.value"
+                      [attr.disabled]="isCompetencyHide ? true : null" (click)=view(comp)>
+                      <td class="padding-xs mat-body-1 cursor-pointer">{{comp.competencyArea}}</td>
+                      <td class="padding-xs mat-body-1 cursor-pointer">{{comp.competencyTheme || comp.name}}</td>
+                      <td class="padding-xs mat-body-1 cursor-pointer">{{comp.competencySubTheme ||
+                        comp.selectedLevelLevel}}</td>
+                    </tr>
+                  </table>
                 </div>
-                <div class="" *ngIf="showSaveButton()"> 
-                  <button mat-raised-button type="button" style="line-height: 48px;"
+              </div>
+              <div class="" *ngIf="showSaveButton()">
+                <button mat-raised-button type="button" style="line-height: 48px;"
                   class="ws-mat-default-text ws-mat-accent-border-active"
                   (click)="!requestForm.invalid ? data.emit('save') : showToasterMessage('mandatoryFields')">
                   <span class="mat-subheading-2 padding-xs" i18n style="vertical-align: unset;">Save</span>
                 </button>
-                </div>
               </div>
-                </div>
-                <div class="title-text">
-                    <div class="fonm-element-label label-text">Refrence Link</div>
-                    <mat-form-field appearance="outline" class="w-full field-height placeholder-text" fxFlex="40">
-                        <input class="w-full" matInput placeholder="Provide reference link" formControlName="referenceLink">
-                        </mat-form-field>
+            </div>
+          </div>
+          <div class="title-text">
+            <div class="fonm-element-label label-text">Refrence Link</div>
+            <mat-form-field appearance="outline" class="w-full field-height placeholder-text" fxFlex="40">
+              <input class="w-full" matInput placeholder="Provide reference link" formControlName="referenceLink">
+              <mat-error *ngIf="requestForm.controls['referenceLink'].hasError('noHtml')"
+                i18n="name Error|Explains name is required">
+                HTML or Js is not allowed
+              </mat-error>
+            </mat-form-field>
 
-                    
-                </div>
-                <div class="title-text">
-                    <div class="fonm-element-label label-text">Request Type<span class="required"></span></div>
-                    <div class="mt-5">
-                    <mat-radio-group aria-label="Select an option"    formControlName="requestType" >
-                        <mat-radio-button class="learning-section"  *ngFor="let item of requestTypeList" [value]="item" (change)="selectRequestType(item)">{{item}}</mat-radio-button>
-                    
-                      </mat-radio-group>
-                    </div>
-                </div>
-                <div class="title-name" *ngIf="isAssignee">
-                    <div class="fonm-element-label label-text">Assignee <span class="required"></span></div>
-                    <div class="">
-                        <mat-form-field appearance="outline" class="w-full placeholder-text field-height" fxFlex="40">
-                            <mat-select placeholder="Choose the Assignee" formControlName="assignee">
-                              <input #search autocomplete="off" placeholder="Search" class="assigneeSearch"
-                                (keydown.space)="$event.stopPropagation()"  formControlName="assigneeText" matInput>
-                              <mat-option *ngFor="let option of filteredAssigneeType" [value]="option">{{option.orgName}}</mat-option>
-                          
-                            </mat-select>
-                          </mat-form-field>
-                    </div>
-                </div>
-                <div class="title-name" *ngIf="isBroadCast">
-                    <div class="fonm-element-label label-text">Preffered Providers <span class="required"></span>
-                      <span class="tooltip-span">
-                        <mat-icon class="info-icon cursor-pointer" [matTooltip]="'You can select upto 5 preferred provider'" 
-                        matTooltipClass="tooltip-sec">info</mat-icon>
 
-                      </span>
-                    </div>
-                    <div class="">
-                        <mat-form-field appearance="outline" class="w-full  placeholder-text field-height" fxFlex="40">
-                            <mat-select placeholder="Choose the provider" (openedChange)="openedChange($event,'providerText')" formControlName="providers"  multiple>
-                          
-                              <mat-select-trigger [ngClass]="{'disbaledSelect':isHideData}">
-                                <mat-chip-list>
-                                  <mat-chip *ngFor="let item of requestForm.get('providers').value"
-                                    [removable]="true" (removed)="onProviderRemoved(item)">
-                                    {{ item.orgName }}
-                                    <mat-icon matChipRemove>cancel</mat-icon>
-                                  </mat-chip>
-                                </mat-chip-list>
-                              </mat-select-trigger>
-                              <mat-optgroup>
-                                <mat-form-field floatLabel="never">
-                                  <input #search autocomplete="off" placeholder="Search"  (keydown.space)="$event.stopPropagation()"
-                                   formControlName="providerText" matInput>
-                                  <button [disableRipple]="true" *ngIf="search.value" matSuffix mat-icon-button aria-label="Clear"
-                                    (click)="clearSearch($event,'providerText')"><mat-icon>close</mat-icon></button>
-                                </mat-form-field>
-                              </mat-optgroup>
-                              <mat-optgroup *ngIf="filteredRequestType.length === 0">
-                                <div>No results found!</div>
-                              </mat-optgroup>
-                              <mat-option *ngFor="let option of filteredRequestType" [ngClass]="{'hideOptions': (option.hideOption && option.hideOption === 'hide')}"
-                              [disabled]="isOptionDisabled(option)" [value]="option">{{option.orgName}}</mat-option>
-                          
-                            </mat-select>
-                          </mat-form-field>
-                    </div>
-                </div>
+          </div>
+          <div class="title-text">
+            <div class="fonm-element-label label-text">Request Type<span class="required"></span></div>
+            <div class="mt-5">
+              <mat-radio-group aria-label="Select an option" formControlName="requestType">
+                <mat-radio-button class="learning-section" *ngFor="let item of requestTypeList" [value]="item"
+                  (change)="selectRequestType(item)">{{item}}</mat-radio-button>
+
+              </mat-radio-group>
+            </div>
+          </div>
+          <div class="title-name" *ngIf="isAssignee">
+            <div class="fonm-element-label label-text">Assignee <span class="required"></span></div>
+            <div class="">
+              <mat-form-field appearance="outline" class="w-full placeholder-text field-height" fxFlex="40">
+                <mat-select placeholder="Choose the Assignee" formControlName="assignee">
+                  <input #search autocomplete="off" placeholder="Search" class="assigneeSearch"
+                    (keydown.space)="$event.stopPropagation()" formControlName="assigneeText" matInput>
+                  <mat-option *ngFor="let option of filteredAssigneeType"
+                    [value]="option">{{option.orgName}}</mat-option>
+
+                </mat-select>
+              </mat-form-field>
+            </div>
+          </div>
+          <div class="title-name" *ngIf="isBroadCast">
+            <div class="fonm-element-label label-text">Preffered Providers <span class="required"></span>
+              <span class="tooltip-span">
+                <mat-icon class="info-icon cursor-pointer" [matTooltip]="'You can select upto 5 preferred provider'"
+                  matTooltipClass="tooltip-sec">info</mat-icon>
+
+              </span>
+            </div>
+            <div class="">
+              <mat-form-field appearance="outline" class="w-full  placeholder-text field-height" fxFlex="40">
+                <mat-select placeholder="Choose the provider" (openedChange)="openedChange($event,'providerText')"
+                  formControlName="providers" multiple>
+
+                  <mat-select-trigger [ngClass]="{'disbaledSelect':isHideData}">
+                    <mat-chip-list>
+                      <mat-chip *ngFor="let item of requestForm.get('providers').value" [removable]="true"
+                        (removed)="onProviderRemoved(item)">
+                        {{ item.orgName }}
+                        <mat-icon matChipRemove>cancel</mat-icon>
+                      </mat-chip>
+                    </mat-chip-list>
+                  </mat-select-trigger>
+                  <mat-optgroup>
+                    <mat-form-field floatLabel="never">
+                      <input #search autocomplete="off" placeholder="Search" (keydown.space)="$event.stopPropagation()"
+                        formControlName="providerText" matInput>
+                      <button [disableRipple]="true" *ngIf="search.value" matSuffix mat-icon-button aria-label="Clear"
+                        (click)="clearSearch($event,'providerText')"><mat-icon>close</mat-icon></button>
+                    </mat-form-field>
+                  </mat-optgroup>
+                  <mat-optgroup *ngIf="filteredRequestType.length === 0">
+                    <div>No results found!</div>
+                  </mat-optgroup>
+                  <mat-option *ngFor="let option of filteredRequestType"
+                    [ngClass]="{'hideOptions': (option.hideOption && option.hideOption === 'hide')}"
+                    [disabled]="isOptionDisabled(option)" [value]="option">{{option.orgName}}</mat-option>
+
+                </mat-select>
+              </mat-form-field>
+            </div>
+          </div>
+
+          <div class="flex flex-start margin-top-l" *ngIf="!isHideData">
+            <button mat-button class="submit-btn margin-right-xs" type="button" (click)="submit()"
+              [disabled]="!requestForm.valid">Submit</button>
+            <button mat-button class="close-btn " (click)="navigateBack()" type="button">Cancel</button>
+
+          </div>
+
+          <div class="flex flex-start margin-top-l" *ngIf="isHideData">
+            <button mat-button class="close-btn" (click)="navigateBack()" type="button">Cancel</button>
 
-                <div class="flex flex-start margin-top-l" *ngIf="!isHideData">
-                    <button mat-button class="submit-btn margin-right-xs" type="button" (click)="submit()" [disabled]="!requestForm.valid">Submit</button>
-                    <button mat-button class="close-btn " (click)="navigateBack()" type="button" >Cancel</button>
-                   
-                  </div>
+          </div>
+        </form>
+      </div>
 
-                  <div class="flex flex-start margin-top-l" *ngIf="isHideData">
-                    <button mat-button class="close-btn" (click)="navigateBack()" type="button" >Cancel</button>
-                   
-                  </div>
-            </form>
-        </div>
-        
-      </mat-card-content>
-    </mat-card>
-  </div>
\ No newline at end of file
+    </mat-card-content>
+  </mat-card>
+</div>
\ No newline at end of file
diff --git a/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.ts b/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.ts
index 2fac52e8..aecc49b2 100644
--- a/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.ts
+++ b/project/ws/app/src/lib/routes/home/routes/request/request-copy-details/request-copy-details.component.ts
@@ -8,6 +8,7 @@ import { ConfirmationPopupComponent } from '../confirmation-popup/confirmation-p
 /* tslint:disable */
 import _ from 'lodash'
 import { debounceTime, distinctUntilChanged, startWith } from 'rxjs/operators'
+import { preventHtmlAndJs } from '../../../validators/prevent-html-and-js.validator'
 /* tslint:enable */
 
 @Component({
@@ -70,22 +71,22 @@ export class RequestCopyDetailsComponent implements OnInit {
   competencySubtheme!: FormControl
 
   constructor(private formBuilder: FormBuilder,
-              private requestService: RequestServiceService,
-              private activatedRouter: ActivatedRoute,
-              private snackBar: MatSnackBar,
-              private router: Router,
-              public dialog: MatDialog
+    private requestService: RequestServiceService,
+    private activatedRouter: ActivatedRoute,
+    private snackBar: MatSnackBar,
+    private router: Router,
+    public dialog: MatDialog
   ) {
 
     this.currentUser = sessionStorage.getItem('idDetails') ? sessionStorage.getItem('idDetails') : ''
 
     this.requestForm = this.formBuilder.group({
-      titleName: new FormControl('', [Validators.required, Validators.pattern(this.noSpecialChar), Validators.minLength(10)]),
-      Objective: new FormControl('', [Validators.required, Validators.pattern(this.noSpecialChar)]),
-      userType: new FormControl('', [Validators.pattern(this.noSpecialChar)]),
+      titleName: new FormControl('', [Validators.required, preventHtmlAndJs(), Validators.pattern(this.noSpecialChar), Validators.minLength(10)]),
+      Objective: new FormControl('', [Validators.required, preventHtmlAndJs(), Validators.pattern(this.noSpecialChar)]),
+      userType: new FormControl('', [preventHtmlAndJs(), Validators.pattern(this.noSpecialChar)]),
       learningMode: new FormControl(''),
       compArea: new FormControl(''),
-      referenceLink: new FormControl(''),
+      referenceLink: new FormControl('', preventHtmlAndJs()),
       requestType: new FormControl('', Validators.required),
       assignee: new FormControl(''),
       providers: new FormControl([[]]),
@@ -651,9 +652,9 @@ export class RequestCopyDetailsComponent implements OnInit {
           this.router.navigateByUrl('/app/home/all-request')
           this.snackBar.open('Request submitted successfully ')
         }
-      },         1000)
+      }, 1000)
     },
-                                                        (error: any) => {
+      (error: any) => {
         this.dialogRefs.close({ error })
         this.snackBar.open('Request Failed')
 
diff --git a/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.html b/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.html
index 0ebd168b..b04c4ccf 100644
--- a/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.html
+++ b/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.html
@@ -102,9 +102,15 @@ <h2 class="cb-title ng-star-inserted margin-bottom-xl">{{ newPosition ? 'Add new
                       <mat-form-field appearance="outline" class="margin-top-xs">
                         <textarea matInput #desc formControlName="description" maxlength="500" i18n-placeholder
                           placeholder="Type here" type="text" rows="3"></textarea>
-                        <mat-error i18n="Name Error|Explains name is required">
+                        <mat-error i18n="Name Error|Explains name is required"
+                          *ngIf="positionForm?.controls['description'].errors?.required">
                           Description is not valid
                         </mat-error>
+                        <mat-error [hidden]="false" *ngIf="positionForm?.controls['description'].errors?.noHtml"
+                          i18n-aria-label
+                          aria-label="First name Error|Name fields cannot contain numbers and special characters except">
+                          HTML or Js is not allowed
+                        </mat-error>
                       </mat-form-field>
                     </div>
                   </div>
diff --git a/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.ts b/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.ts
index 59ffb530..3f35c22b 100644
--- a/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.ts
+++ b/project/ws/app/src/lib/routes/home/routes/requests-approval/requests-approval.component.ts
@@ -6,6 +6,7 @@ import { DialogConfirmComponent } from '../../../../../../../../../src/app/compo
 import { RequestsService } from '../../services/onboarding-requests.service'
 import { RejectReasonDialogComponent } from '../reject-reason-dialog/reject-reason-dialog.component'
 import * as _ from 'lodash'
+import { preventHtmlAndJs } from '../../validators/prevent-html-and-js.validator'
 
 @Component({
   selector: 'ws-app-requests-approval',
@@ -68,7 +69,7 @@ export class RequestsApprovalComponent implements OnInit {
       position: new FormControl(this.requestType === 'position' ? this.posData.position : '', this.requestType === 'position' ? [Validators.required, Validators.maxLength(500), Validators.pattern(this.customCharsPattern)] : []),
       organisation: new FormControl(this.requestType === 'organisation' ? this.posData.organisation : '', this.requestType === 'organisation' ? [Validators.required, Validators.pattern(this.customCharsPattern)] : []),
       domain: new FormControl(this.requestType === 'domain' ? this.posData.domain : '', this.requestType === 'domain' ? [Validators.required, Validators.pattern(this.domainPattern)] : []),
-      description: new FormControl(this.posData.description, []),
+      description: new FormControl(this.posData.description, [preventHtmlAndJs()]),
       wfId: new FormControl(this.posData.wfId),
     })
 
diff --git a/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.html b/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.html
index 5939867f..78ce4cff 100644
--- a/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.html
+++ b/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.html
@@ -72,7 +72,8 @@
                   <div class="flex-parent-element margin-bottom-l">
                     <div class="flex-child-element flex">
                       <mat-form-field appearance="outline" class="sector-title">
-                        <input matInput [formControl]="control" placeholder="Enter text" class="sub-sector-name">
+                        <input matInput [formControl]="control" placeholder="Enter text" class="sub-sector-name"
+                          (input)="validateInput($event.target.value)">
                       </mat-form-field>
                       <button mat-button [disabled]="control.disabled" class="remove-btn" type="button"
                         (click)="removeTextbox(i)">
diff --git a/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.ts b/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.ts
index b5015699..05c0f967 100644
--- a/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.ts
+++ b/project/ws/app/src/lib/routes/home/routes/sectors/edit-sector/edit-sector.component.ts
@@ -27,6 +27,8 @@ export class EditSectorComponent implements OnInit {
   id: any
   loading = false
 
+  noHtmlCharacter = new RegExp(/<[^>]*>|(function[^\s]+)|(javascript:[^\s]+)/i)
+
   constructor(
     public dialog: MatDialog,
     private configSvc: ConfigurationsService,
@@ -78,7 +80,7 @@ export class EditSectorComponent implements OnInit {
               })
             }
           }
-        },                                                error => {
+        }, error => {
           this.snackBar.open(error, 'X', { duration: sectorConstants.duration })
         })
       }
@@ -108,7 +110,7 @@ export class EditSectorComponent implements OnInit {
         this.router.navigate([`/app/home/sectors`])
       }
       this.loading = false
-    },                                                          eResp => {
+    }, eResp => {
       if (eResp && eResp.error && eResp.error.responseCode === 'BAD_REQUEST') {
         this.snackBar.open(eResp.error.params.errmsg)
       }
@@ -130,4 +132,13 @@ export class EditSectorComponent implements OnInit {
     }
     return '/assets/instances/eagle/app_logos/default.png'
   }
+
+  validateInput(event: string) {
+    const regexMatch = event.match(this.noHtmlCharacter)
+    if (regexMatch) {
+      this.myForm.controls['textboxes'].setErrors({ required: true })
+      this.snackBar.open('HTML or Js is not allowed')
+    }
+
+  }
 }
diff --git a/project/ws/app/src/lib/routes/home/validators/prevent-html-and-js.validator.ts b/project/ws/app/src/lib/routes/home/validators/prevent-html-and-js.validator.ts
new file mode 100644
index 00000000..07c2e626
--- /dev/null
+++ b/project/ws/app/src/lib/routes/home/validators/prevent-html-and-js.validator.ts
@@ -0,0 +1,12 @@
+import { AbstractControl, ValidationErrors, ValidatorFn } from '@angular/forms'
+
+// A custom validator to prevent HTML and Javascript
+export function preventHtmlAndJs(): ValidatorFn {
+  return (control: AbstractControl): ValidationErrors | null => {
+    const value = control.value
+    if (value && value.match(/<[^>]*>|(function[^\s]+)|(javascript:[^\s]+)/i)) {
+      return { 'noHtml': true }
+    }
+    return null
+  }
+}
\ No newline at end of file