Passing HTML string to my controller action method

Passing HTML string to my controller action method

I am using a rich text editor to type formatted text, as shown below:

I am using a rich text editor to type formatted text, as shown below:

I can get the HTML formatted text, which would look like this:

<p>This is my rich HTML Text</p>

Now I want to pass this HTML formatted text to my controller and my controller would put the text in an email and send it to the receiver.

The problem is HTML string is considered unsafe, so in order to pass it to my controller, I need to add [ValidateInput(false)] attribute to my Action method, like below:

    [ValidateInput(false)] // <-- not able to hit the action method without this
    public async Task<JsonResult> Contact(string message)
        if (!HttpContext.User.Identity.IsAuthenticated)
            return Json(new { Authorize = "false" });

    // email message to receiver

And this is the Ajax method which contacts the controller:

$('#contactBtn').click(function () {
    var form = $('#AjaxAntiForgeryForm');
    var token = $('input[name="RequestVerificationToken"]', form).val();
    var message = quill.root.innerHTML; // <-- HTML formatted message

    url: "/Communication/Contact",
    data: { __RequestVerificationToken: token, message: message },
    dataType: 'json',
    type: "POST"


So the above code works, but I am not sure if this is the right thing to do? Is there any security issue with the above code? Is there any encoding that I need to do on the HTML?

ajax html

What's new in Bootstrap 5 and when Bootstrap 5 release date?

How to Build Progressive Web Apps (PWA) using Angular 9

What is new features in Javascript ES2020 ECMAScript 2020

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Random Password Generator Online

HTML Color Picker online | HEX Color Picker | RGB Color Picker

Routing in MVC - ASP.NET Core Demystified

ASP.NET Core MVC has introduced quite a few concepts that new (or new-to-ASP.NET) web developers might have some difficulty getting caught up with. My ASP.NET Core Demystified series is designed to help these developers get started building their own custom, full-fledged, working AASP.NET Core applications. In

ASP.NET MVC Application with JQuery, AJAX

Let's have a sample example: We have a submit button in our JQuery AJAX MVC application. Let's try to show a message when it is clicked. ASP.NET MVC Application - Using JQuery, AJAX

Add Identity in empty project

LIKE | COMMENT | SHARE | SUBSCRIBE Today, in this tutorial you will see the process of adding an ASP.NET Identity to the ASP.NET Web Application developed in...

List all users from asp net core identity

LIKE | COMMENT | SHARE | SUBSCRIBE In this video, i will show you How to retrieve and display all the registered application users in core using the ...

Extend IdentityUser in ASP NET Core

LIKE | COMMENT | SHARE | SUBSCRIBE In this tutorials, I will show you how to extend IdentityUser in core.. Subscribe & Stay Connected! Thank You! ♥ #...