Output Encoding
← Back to Secure Development Practices
Context-appropriate encoding of output data to prevent injection. HTML context requires HTML entity encoding, URL context requires URL encoding, JavaScript context requires JavaScript encoding. The encoding must match the output context to be effective.