A common, yet often recommended, best practice to protect web applications against malicious attacks is the use of specific input filtering and output encoding controls.

• Data Encoding Basics
• Filtering Basics