0

In my Asp.Net application, I am trying to format my outgoing mail message with html tags so that it looks correct when the recipient opens it in their email inbox. Using this post as an example, I have run into errors. First, I have a general 'Utilities' file where my sendMail function is configured with the

Utilities.cs

 public static class Utility
{
   public static void sendEmail(string toaddress, string bodycontent, string subjectTxt, string ccAddress)
  {
      string sendEmail = string.Empty;
      try
      {
        System.Net.Mail.MailMessage mailMessage = new System.Net.Mail.MailMessage();
        mailMessage.IsBodyHtml = true;
        System.Net.Mail.SmtpClient smtp = new System.Net.Mail.SmtpClient();
       ....
       }
    }
 }

So, my mailMessage.IsBodyHtml is being set to true. Back in my SendEmail.cs file, this is called and the appropriate toaddress, bodycontent, etc... are plugged in when the SubmitBtn is clicked. The bodycontent is filled with an autogenerated string based on a radiobutton choice and then plugged into textarea. From the textarea the bodycontent is assigned. It works fine until I added the ` tags in the message.

SendEmail.cs

protected void ButtonSend_Click(object sender, System.EventArgs e)
{
    ....
  Utility.sendEmail(userEmail, SpellTextBoxNotify.Text, TextBoxSubject.Text, ccClean);
...
}
protected void uxRadioButtonList_SelectedIndexChanged(object sender, EventArgs e)
{
   DataTable emailInfo = _emailDtr.GetTicketInfoByTicketNumber(Session["TicketNumber"].ToString());
   string email = emailInfo.Rows[0]["RequestorEmail"].ToString();
   string name = emailInfo.Rows[0]["RequestorName"].ToString();
   string phone = emailInfo.Rows[0]["RequestorPhone"].ToString();
             .....
   if (uxRadioButtonList.SelectedItem.Text == "Forward")
   {
     TextBoxTo.Text = userEmail;
     TextBoxSubject.Text = "BCA Helpline Request Detailed Response : " + s;
     string new_message = "Please email:[email protected]**" +
       "Dear Steve,*<br />" +
       "This BC Helpline inquiry has been flagged as a Tier 4 request.**<br /><br />" +
       "Please see the inquiry below. This ticket will be closed out in our system. Please let us know if you’d like  * <br />" +
       "us to respond.   **<br />" +
       "Contact info: *<br />" +
        name + "*<br />" +
        "P: " + phone + "*<br />" +
        email + "**<br /><br />" +
        "Regards, **<br /><br />" + name + "(CTR) *" + "Dewberry Consultants LLC, Contractor<br />*Federal Emergency Management Agency*<br />FEMA HQ*<br />500 C. St., SW*Washington, D.C. 20472<br />*Email: " + userEmail;
        new_message = new_message.Replace("*", "" + System.Environment.NewLine);
        SpellTextBoxNotify.Text = new_message;
      }

      else if (uxRadioButtonList.SelectedItem.Text == "Interim Response")
      {
       ...
      }
        ....
    }
 }

This all works fine until I add the <br /> tags. Then, the button onClick function never fires and I get the following message in my browser console: "

Sys.WebForms.PageRequestManagerServerErrorException: A potentially dangerous Request.Form value was detected from the client (ctl00$ContentPlaceHolder1$SpellTextBoxNotify="...tesinc.com
Any suggestions on how to overcome this issue and get the html tags to work? ".

Improve this question
1
  • 1
    You're getting the error because you're putting the mail message content into SpellTextBoxNotify which is a web control. You should structure your site in a way that the user simply enters the pertinent info, and you build and send the email on the backend. Also instead of having all that html markup in code, make it a resource file that you can insert info into, that way if you want to change the html you just update the resource file and not the code. Commented Mar 21, 2019 at 15:48

2 Answers 2

Reset to default
1

The way you have it set up it looks like the user is entering code into the webform which is a no no.

So move all that code from protected void uxRadioButtonList_SelectedIndexChanged(object sender, EventArgs e) to protected void ButtonSend_Click(object sender, System.EventArgs e) and don't bother setting the textbox's text to the email body.

Th

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

OK, I had to use a combo this and @Rbon Bennett's answer. I the code from uxRadioButtonList_SelectedIndexChanged under my button_onClick. But I also had to use a function to add in <br /> tags were my * characters were. When the mail is sent, the format is correct. Only drawback is that the users cannot edit the message content.
In my applications I usually have an html file with the format of the body added to the project as a resource. Then I load it to a string using Properties.Resources.<RESOURCENAME>. For any custom information I'll have in the html file something like *******CUSTOMINFONAME****** then after loading the resource file I can do a Replace("*******CUSTOMINFONAME******", <some-value-from-the-user>. This way you can change the format without redeploying your code and all the emails will have a consistent look.
1

Your problem here is that you're passing a HTML string around via the Text property of a control on a web page. The web server is rejecting what looks like an attempt to inject HTML into your page.

A solution would be to keep TextBoxSubject.Text as plain text, and convert new-line characters to HTML in ButtonSend_Click

protected void ButtonSend_Click(object sender, System.EventArgs e)
{
....
  Utility.sendEmail(userEmail, SpellTextBoxNotify.Text, newlineToBR(TextBoxSubject.Text), ccClean);
...
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.