lilupophilupop SQL Injection Attack happening ATM


stef24 - 12:34 pm on Dec 7, 2011 (gmt 0)


Now, with a limited input field of 128 characters, if you don't find any word breaks in those 128 characters like multiple spaces, periods or commas, reject it.


It's great to be able to use such a tight set of restrictions but not all developers are so lucky. What about a lengthy blog post with a WYSIWYG and all associated markup? Or a contact form, do you want to reject potential customers because they forgot punctuation? What about JSON encoded data in a hidden form field?

Personally I have no need for such data (so I get where you're coming from) but sometimes the application and/or client demands it.

I'm of the opinion that one does not need to reinvent the wheel; most frameworks have protection built in, and if you don't have access to this then there are libraries / tests available.

I'm also of the opinion that these developers should be allowed to compete in the marketplace because eventually their customers will sooner or later understand the value of what a "pro" web developer charges.


Thread source: http://www.webmasterworld.com/microsoft_asp_net/4394155.htm