Name: Sec Input Validation Api
Author: engremran07

Search skills.../

Sec Input Validation Api | Skills Pool

from rest_framework import serializers

class FirmwareSerializer(serializers.ModelSerializer):
    name = serializers.CharField(max_length=200, min_length=3)
    description = serializers.CharField(max_length=5000, allow_blank=True)
    version = serializers.RegexField(r"^\d+\.\d+(\.\d+)?$")

    class Meta:
        model = Firmware
        fields = ["name", "description", "version", "brand", "model"]

    def validate_name(self, value: str) -> str:
        if "<" in value or ">" in value:
            raise serializers.ValidationError("HTML tags not allowed.")
        return value.strip()

    def validate(self, attrs: dict) -> dict:
        if attrs.get("brand") and not attrs.get("model"):
            raise serializers.ValidationError(
                {"model": "Model is required when brand is specified."}
            )
        return attrs

from rest_framework.validators import UniqueTogetherValidator

class FirmwareSerializer(serializers.ModelSerializer):
    class Meta:
        model = Firmware
        fields = ["name", "version", "brand", "model"]
        validators = [
            UniqueTogetherValidator(
                queryset=Firmware.objects.all(),
                fields=["brand", "model", "version"],
                message="This firmware version already exists for this device.",
            )
        ]

class BulkFirmwareSerializer(serializers.Serializer):
    firmwares = FirmwareSerializer(many=True, max_length=50)

    def validate_firmwares(self, value):
        if len(value) > 50:
            raise serializers.ValidationError("Maximum 50 items per batch.")
        return value

class FirmwareCreateView(APIView):
    def post(self, request):
        serializer = FirmwareSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)  # Auto 400 on failure
        serializer.save(uploaded_by=request.user)
        return Response(serializer.data, status=201)

& .\.venv\Scripts\python.exe -m ruff check . --fix
& .\.venv\Scripts\python.exe -m ruff format .
& .\.venv\Scripts\python.exe manage.py check --settings=app.settings_dev

Layer	Validator	Purpose
Field	`serializers.CharField(max_length=...)`	Field constraints
Field method	`validate_<field>()`	Custom field validation
Object	`validate()`	Cross-field validation
Model	`validators=[...]`	Model-level constraints

Layer	Validator	Purpose
Field	`serializers.CharField(max_length=...)`	Field constraints
Field method	`validate_<field>()`	Custom field validation
Object	`validate()`	Cross-field validation
Model	`validators=[...]`	Model-level constraints

Sec Input Validation Api

API Input Validation

When to Use

Rules

Patterns

Serializer Field Validation

Sec Input Validation Api

API Input Validation

When to Use

Rules

Patterns

Serializer Field Validation

Custom Validators

Nested Input Validation

View Usage

Red Flags

Quality Gate

Xurl

Acp Router

Coding Standards

Api Design

Mcp Server Patterns

Backend Patterns