HTML Encoding

Always encode input text by user from a web page. This will help prevent script injection attack and is a good practice from security point of view.