
I use jQuery redactorjs for my form to let my users type formatted beautiful text. But after browsing stackoverflow I found some answers from users that I should never accept preformatted input. Here is the question link.

I want my website to be secure, so will this make my website less secure if I use this jquery plugin?

Kevin Lee
  • Redactor is actually vulnerable to XSS. You should not use its output without further validation. – Gumbo Jun 24 '12 at 06:11
  • This is no different than any other form of user controlled input. A hidden form variable also has a security impact... – rook Jun 24 '12 at 19:45

2 Answers


Accepting any html input from a client is not secure. Even if the jQuery plugin doesn't allow the user to craft XSS, it's very easy to modify the code a client is running.

You should either accept input from the user in something like markdown (for example as StackOverflow does) or with a carefully whitelisted set of HTML tags and attributes (making sure to produce valid HTML as output). That's a very tough thing to get correct though, and it would be best to use a well proven library that does this for best security.

cobbal


The link you are referring to is about SQL injection. The point here is that you cannot use client side libraries to prevent against harmful input. However, you use a library to let the user type in formatted text, which is perfectly ok.

What you need to do, regardless of what kind of libraries you use on the client side, is to validate the input you get on the server side. You must acknowledge that a malicious user is technically able to bypass all libraries you have on the client side and send whatever he likes to your server, so the server must validate all input against i.e. SQL injection attacks etc.

sstendal
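Both answers come down to the same control: whatever the editor produces, the server re-validates the HTML against a whitelist of tags and attributes before storing or rendering it. The sanitizer below is an added example, not code from the question, the answers or Redactor; the whitelist, the list of allowed URL schemes and the names `WhitelistSanitizer` and `sanitize_html` are assumptions chosen for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse
# Whitelist chosen for this example (not Redactor's); tune it per application.
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "ul", "ol", "li", "a"}
ALLOWED_ATTRS = {"a": {"href"}}      # no style, class or on* handlers anywhere
SAFE_SCHEMES = {"", "http", "https", "mailto"}
DROP_CONTENT = {"script", "style"}   # these tags AND their text are dropped

class WhitelistSanitizer(HTMLParser):
    # Only listed tags/attributes survive; text is re-escaped; output stays balanced.
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open, self.skip = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip += 1
        if tag not in ALLOWED_TAGS or self.skip:
            return                   # unknown tag vanishes, its text stays
        kept = ""
        for name, value in attrs:    # values arrive already entity-decoded
            value = (value or "").strip()
            if name not in ALLOWED_ATTRS.get(tag, ()):
                continue
            # inner whitespace removed before the scheme check ("java\tscript:")
            if name == "href" and urlparse("".join(value.split())).scheme not in SAFE_SCHEMES:
                continue
            kept += ' %s="%s"' % (name, escape(value, quote=True))
        self.out.append("<%s%s>" % (tag, kept))
        if tag != "br":
            self.open.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT:
            self.skip = max(0, self.skip - 1)
        while tag in self.open:      # also closes anything nested inside it
            self.out.append("</%s>" % self.open.pop())

    def handle_data(self, data):
        if not self.skip:
            self.out.append(escape(data, quote=False))

def sanitize_html(untrusted):
    # Server-side cleanup of editor output; never rely on the client for it.
    p = WhitelistSanitizer()
    p.feed(untrusted)
    p.close()
    while p.open:                    # close whatever the input left open
        p.out.append("</%s>" % p.open.pop())
    return "".join(p.out)
```

Because the output is rebuilt from the parsed tree rather than filtered with regular expressions, event-handler attributes, unsafe URL schemes and unbalanced tags are all dropped in one pass.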