Output Encoding
- Conduct all encoding on a trusted system (e.g., the server).
- Utilize a standard, tested routine for each type of outbound encoding.
- Contextually output encode all data returned to the client that originated outside the application’s trust boundary. HTML entity encoding is one example, but does not work in all cases.
- Encode all characters unless they are known to be safe for the intended interpreter.
- Contextually sanitize all output of untrusted data to queries for SQL, XML, and LDAP.
- Sanitize all output of untrusted data to operating system commands.
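The following is an added illustration of the contextual encoding items above (HTML body, HTML attribute, URL parameter, and JavaScript string contexts); it is not part of the original checklist. The encoder functions, the untrusted sample value, and the page template are assumptions constructed for the example, using only Python's standard library.

```python
import html
import json
from urllib.parse import quote

# Constructed sample of untrusted input (an attacker-controlled display name).
UNTRUSTED = '"><script>alert(1)</script>'


def encode_html_body(s: str) -> str:
    """Encode for an HTML text node: & < > " ' become entities."""
    return html.escape(s, quote=True)


def encode_html_attr(s: str) -> str:
    """Encode for a quoted HTML attribute value. Same entity set as the body
    context, but the template must also wrap the value in quotes."""
    return html.escape(s, quote=True)


def encode_js_string(s: str) -> str:
    """Encode for a JavaScript string literal inside <script>.
    HTML entities are not decoded there, so html.escape alone would leave a
    raw quote able to close the literal. JSON escaping handles quotes and
    backslashes; '<' and '>' are also escaped so a literal '</script>'
    cannot terminate the script block."""
    return json.dumps(s)[1:-1].replace('<', '\\u003c').replace('>', '\\u003e')


def encode_url_param(s: str) -> str:
    """Percent-encode a value placed in a URL query parameter."""
    return quote(s, safe='')


def render_page(name: str) -> str:
    """Assemble a page, applying the encoder that matches each output context."""
    return (
        f'<p>Hello {encode_html_body(name)}</p>\n'
        f'<input value="{encode_html_attr(name)}">\n'
        f'<a href="/u?name={encode_url_param(name)}">profile</a>\n'
        f'<script>var n = "{encode_js_string(name)}";</script>'
    )


if __name__ == '__main__':
    print(render_page(UNTRUSTED))
```

Note that HTML entity encoding leaves a value such as `javascript:alert(1)` unchanged, so when untrusted data forms an entire URL (not just a parameter) the scheme must be validated as well; encoding is not the right tool for that case.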